CVE-2023-42011
4.3
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
Summary
IBM Sterling B2B Integrator Standard Edition 6.1 and 6.2 does not restrict or incorrectly restricts frame objects or UI layers that belong to another application or domain, which can lead to user confusion about which interface the user is interacting with. IBM X-Force ID: 265508.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| IBM | Sterling B2B Integrator Standard Edition | 6.1, 6.2 | affected |
Weaknesses
- CWE-1021: CWE-1021 Improper Restriction of Rendered UI Layers or Frames
ADP Enrichment
CISA ADP Vulnrichment
- SSVC:
- Exploitation: none
- Automatable: no
- Technical Impact: partial
CVE Program Container
Additional References
- https://www.ibm.com/support/pages/node/7158657
- https://exchange.xforce.ibmcloud.com/vulnerabilities/265508
References
- https://www.ibm.com/support/pages/node/7158657
- https://exchange.xforce.ibmcloud.com/vulnerabilities/265508
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.