CVE-2013-3020

2013-07-0313:54:31

CWE-200

[email protected]

web.nvd.nist.gov

cve-2013-3020

ibm sterling

b2b integrator

sterling file gateway

remote authentication

information disclosure

4 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:S/C:P/I:N/A:N

5.4 Medium

AI Score

Confidence

Low

0.001 Low

EPSS

Percentile

44.9%

JSON

IBM Sterling B2B Integrator 5.1 and 5.2 and Sterling File Gateway 2.1 and 2.2 allow remote authenticated users to obtain sensitive information about application implementation via unspecified vectors, a different vulnerability than CVE-2013-0463, CVE-2013-2985, CVE-2013-2987, CVE-2013-0568, CVE-2013-0475, and CVE-2013-0567.

Affected configurations

NVD

Node

ibmsterling_b2b_integratorMatch5.1

ibmsterling_b2b_integratorMatch5.2

ibmsterling_file_gatewayMatch2.1

ibmsterling_file_gatewayMatch2.2

CPENameOperatorVersion
ibm:sterling_b2b_integratoribm sterling b2b integratoreq5.1
ibm:sterling_b2b_integratoribm sterling b2b integratoreq5.2
ibm:sterling_file_gatewayibm sterling file gatewayeq2.1
ibm:sterling_file_gatewayibm sterling file gatewayeq2.2

CPE	Name	Operator	Version
ibm:sterling_b2b_integrator	ibm sterling b2b integrator	eq	5.1
ibm:sterling_b2b_integrator	ibm sterling b2b integrator	eq	5.2
ibm:sterling_file_gateway	ibm sterling file gateway	eq	2.1
ibm:sterling_file_gateway	ibm sterling file gateway	eq	2.2