Lucene search

[email protected]NVD:CVE-2023-25682

HistoryNov 22, 2023 - 7:15 p.m.

CVE-2023-25682

2023-11-2219:15:08

CWE-532

[email protected]

web.nvd.nist.gov

ibm

sterling b2b integrator

sensitive information

log files

local user

5.5 Medium

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

0.0004 Low

EPSS

Percentile

5.1%

JSON

IBM Sterling B2B Integrator Standard Edition 6.0.0.0 through 6.0.3.8 and 6.1.0.0 through 6.1.2.1 stores potentially sensitive information in log files that could be read by a local user. IBM X-Force ID: 247034.

Affected configurations

NVD

Node

ibmsterling_b2b_integratorRange6.0.0.0–6.0.3.9standard

ibmsterling_b2b_integratorRange6.1.0.0–6.1.2.3standard

References

exchange.xforce.ibmcloud.com/vulnerabilities/247034

www.ibm.com/support/pages/node/7080172

5.5 Medium

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

0.0004 Low

EPSS

Percentile

5.1%

JSON

Related for NVD:CVE-2023-25682

cvelist1 ibm1 prion1 cve1