IBM 10x vulnerability in IBM Sterling B2B Integrator could allow a remote attacker to obtain sensitive information.
CVEID: CVE-2016-0341**
DESCRIPTION:** IBM 10x could allow a malicious user to obtain highly sensitive information due to missing configurations of HTTPS.
CVSS Base Score: 6.2
CVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/111782> for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N)
IBM Sterling B2B Integrator 5.2
Product
|
Version
|
Remediated Fix
โ|โ|โ
IBM Sterling B2B Integrator| 5.2|
_**Note: If you have already installed B2B APIs, do the following additional step: **
2. Use InstallService.sh or InstallService.cmd to install packages/b2biAPIs_1000602.jar in Media_IM_5020602.zip
IBM recommends that you review your entire environment to identify vulnerable releases of the open-source Apache Commons Collections and take appropriate mitigation and remediation actions.
None