7.5 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
HIGH
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
8 High
AI Score
Confidence
High
0.002 Low
EPSS
Percentile
53.4%
IBM Sterling B2B Integrator uses Apache Xalan Java XSLT. This bulletin identifies the steps to take to address the vulnerabilities.
CVEID:CVE-2022-34169
**DESCRIPTION:**The Apache Xalan Java XSLT library could allow a remote attacker to execute arbitrary code on the system, caused by an integer truncation issue when processing malicious XSLT stylesheets. By using specially crafted XSLT stylesheets, an attacker could exploit this vulnerability to execute arbitrary code on the system.
CVSS Base score: 7.3
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/231489 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L)
Affected Product(s) | Version(s) |
---|---|
IBM Sterling B2B Integrator | 6.0.0.0 - 6.0.3.9 |
IBM Sterling B2B Integrator | 6.1.0.0 - 6.1.2.3 |
IBM Sterling B2B Integrator | 6.2.0.0 |
IBM strongly recommends addressing the vulnerability now.
Product | Version | APAR | Remediation & Fix |
---|---|---|---|
IBM Sterling B2B Integrator | 6.0.0.0 - 6.0.3.9 | IT44322 | Apply B2BI 6.1.2.5 or 6.2.0.1 |
IBM Sterling B2B Integrator | 6.1.0.0 - 6.1.2.3 | IT44322 | Apply B2BI 6.1.2.5 or 6.2.0.1 |
IBM Sterling B2B Integrator | 6.2.0.0 | IT44322 | Apply B2BI 6.2.0.1 |
The IIM versions of 6.1.2.5 and 6.2.0.1 are available on Fix Central.
The container version of 6.1.2.5 and 6.2.0.1 are available in IBM Entitled Registry.
None
CPE | Name | Operator | Version |
---|---|---|---|
ibm sterling b2b integrator | eq | 6.0.0.0 | |
ibm sterling b2b integrator | eq | 6.2.0.1 |
7.5 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
HIGH
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
8 High
AI Score
Confidence
High
0.002 Low
EPSS
Percentile
53.4%