Lucene search

IBM60297A12787C9AB92AAF3DED8D3753BFAD870483E0D040B7FFE141E7E82C1823

HistoryJul 24, 2020 - 5:07 p.m.

Security Bulletin: Information Disclosure Security Vulnerability Afftects IBM Stering B2B Integrator GPM Web App (CVE-2020-4299)

2020-07-2417:07:55

www.ibm.com

ibm sterling b2b integrator

gpm web app

information disclosure

vulnerability

cve-2020-4299

security

ibm

fix

version 6.0.3.2

version 5.2.6.5_1

http request

sensitive information

EPSS

0.001

Percentile

19.6%

JSON

Summary

IBM Sterling B2B Integrator has addressed the information disclosre security vulnerability in GPM Web App

Vulnerability Details

CVEID:CVE-2020-4299
**DESCRIPTION:**IBM Sterling B2B Integrator Standard Edition could expose sensitive information to a user through a specially crafted HTTP request.
CVSS Base score: 4.3
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/176606 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N)

Affected Products and Versions

Affected Product(s)	Version(s)
IBM Sterling B2B Integrator	6.0.0.0 - 6.0.3.1
IBM Sterling B2B Integrator	5.2.0.0 - 5.2.6.5_1

Remediation/Fixes

Product & Version	APAR	Remediation & Fix
5.2.0.0 - 5.2.6.5_1	IT32329	Apply IBM Sterling B2B Integrator version 5.2.6.5_2 and 6.0.3.2 on Fix Central
6.0.0.0 - 6.0.3.1	IT32329	Apply IBM Sterling B2B Integrator version 6.0.3.2 on Fix Central

Workarounds and Mitigations

None

EPSS

0.001

Percentile

19.6%

JSON

Related for 60297A12787C9AB92AAF3DED8D3753BFAD870483E0D040B7FFE141E7E82C1823