CVE-2024-27263

Summary

IBM Sterling B2B Integrator 6.0.0.0 through 6.1.2.5 and 6.2.0.0 through 6.2.0.1 could allow an authenticated user to obtain sensitive information from the dashboard UI using man in the middle techniques.

Affected Software

VendorProductVersion RangeStatus
IBMSterling B2B Integrator6.0.0.0 <= 6.1.2.5affected
IBMSterling B2B Integrator6.2.0.0 <= 6.2.0.1affected

Weaknesses

  • CWE-300: CWE-300 Channel Accessible by Non-Endpoint

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References