Security Bulletin: Informaton Disclosure Vulnerability Affects the Dashboard User Interface of IBM Stelring B2B Integrator (CVE-2021-29700)

2021-10-0615:06:04

www.ibm.com

0.001 Low

EPSS

Percentile

19.6%

JSON

Summary

IBM Sterling B2B Integrator has addressed the security vulnerability.

Vulnerability Details

CVEID:CVE-2021-29700
**DESCRIPTION:**IBM Sterling B2B Integrator Standard Edition could allow an authneticated attacker to obtain sensitive information from configuration files that could aid in further attacks against the system.
CVSS Base score: 4.3
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/200656 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N)

Affected Products and Versions

Affected Product(s)	APAR(s)	Version(s)
IBM Sterling B2B Integrator	IT36570	5.2.0.0 - 5.2.6.5_4
IBM Sterling B2B Integrator	IT36570	6.0.0.0 - 6.0.0.6, 6.0.1.0 - 6.0.3.4
IBM Sterling B2B Integrator	IT36570	6.1.0.0 - 6.1.0.2

Remediation/Fixes

Product & Version	Remediation & Fix
5.2.0.0 - 5.2.6.5_4	Apply IBM Sterling B2B Integrator version 6.0.0.7, 6.0.3.5, 6.1.0.3 or 6.1.1.0 on Fix Central
6.0.0.0 - 6.0.0.6, 6.0.1.0 - 6.0.3.4	Apply IBM Sterling B2B Integrator version 6.0.0.7, 6.0.3.5, 6.1.0.3 or 6.1.1.0 on Fix Central
6.1.0.0 - 6.1.0.2	Apply IBM Sterling B2B Integrator version 6.1.0.3 or 6.1.1.0 on Fix Central

Workarounds and Mitigations

None

CPENameOperatorVersion
sterling b2b integratoreq5.2.0.0
sterling b2b integratoreq6.1.1.0

CPE	Name	Operator	Version
	sterling b2b integrator	eq	5.2.0.0
	sterling b2b integrator	eq	6.1.1.0

0.001 Low

EPSS

Percentile

19.6%

JSON

Related for 849E3D032381E6FE909B0E067C34B478B86EC886C4CB44E864305CF0C02ADC70