CVE-2014-6146

IBM Sterling B2B Integrator 5.2.x-5.2.4 - Exposure of Sensitive Information via Log Files

Title source: llm
STIX 2.1

Description

IBM Sterling B2B Integrator 5.2.x through 5.2.4, when the Connect:Direct Server Adapter is configured, does not properly process the logging configuration, which allows local users to obtain sensitive information by reading log files.

References (4)

Core 4
Core References
Third Party Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/62190
Vendor Advisory x_refsource_confirm
http://www-01.ibm.com/support/docview.wss?uid=swg21689082
Various Sources vendor-advisory x_refsource_aixapar
http://www-01.ibm.com/support/docview.wss?uid=swg1IT04337
Third Party Advisory, VDB Entry vdb-entry x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/96916

Scores

EPSS 0.0031
EPSS Percentile 22.6%

Details

CWE
CWE-200
Status published
Products (3)
ibm/sterling_b2b_integrator 5.2.1
ibm/sterling_b2b_integrator 5.2.2
ibm/sterling_b2b_integrator 5.2.4
Published Nov 08, 2014
Tracked Since Feb 18, 2026