CVE-2024-31903

Summary

IBM Sterling B2B Integrator Standard Edition 6.0.0.0 through 6.1.2.5 and 6.2.0.0 through 6.2.0.2 allow an attacker on the local network to execute arbitrary code on the system, caused by the deserialization of untrusted data.

Affected Software

VendorProductVersion RangeStatus
IBMSterling B2B Integrator Standard Edition6.0.0.0 <= 6.1.2.5affected
IBMSterling B2B Integrator Standard Edition6.2.0.0 <= 6.2.0.2affected

Weaknesses

  • CWE-502: CWE-502 Deserialization of Untrusted Data

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: total

References