CVE-2017-1174

2017-08-1015:00:00

ibm

www.cve.org

AI Score

8.6

Confidence

High

EPSS

0.001

Percentile

46.2%

JSON

IBM Sterling B2B Integrator Standard Edition 5.2 is vulnerable to SQL injection. A remote attacker could send specially-crafted SQL statements, which could allow the attacker to view, add, modify or delete information in the back-end database. IBM X-Force ID: 123296.

CNA Affected

[
  {
    "product": "Sterling B2B Integrator",
    "vendor": "IBM",
    "versions": [
      {
        "status": "affected",
        "version": "5.2"
      },
      {
        "status": "affected",
        "version": "5.2.4"
      },
      {
        "status": "affected",
        "version": "5.2.1"
      },
      {
        "status": "affected",
        "version": "5.2.2"
      },
      {
        "status": "affected",
        "version": "5.2.3"
      },
      {
        "status": "affected",
        "version": "5.2.5"
      },
      {
        "status": "affected",
        "version": "5.2.6"
      }
    ]
  }
]