CVE-2024-31903

IBM Sterling B2B Integrator Standard Edition 6.0.0.0 through 6.1.2.5 and 6.2.0.0 through 6.2.0.2 allow an attacker on the local network to execute arbitrary code on the system, caused by the deserialization of untrusted data.

Published: Jan 22, 2025
Updated: May 4, 2025
CVE: CVE-2024-31903
Severity: High
Exploit:

CVSS v3:

Severity: High
Score: 8.8
AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CWEs:

CWE-502

OWASP TOP 10:

A8 - Insecure Deserialization

Affected Software
References

Software	From	Fixed in
ibm / sterling_b2b_integrator	6.2.0.0	6.2.0.2.x
ibm / sterling_b2b_integrator	6.0.0.0	6.1.2.5.x

https://www.ibm.com/support/pages/node/7172233

Vulnerability Database

289,697

CVE-2024-31903