CVE-2019-4063
MEDIUMIBM Sterling B2B Integrator 5.2.0.1-6.0.0.0 - Cleartext Transmission of Sensitive Information
Title source: llmDescription
IBM Sterling B2B Integrator 5.2.0.1 through 6.0.0.0 Standard Edition could allow highly sensitive information to be transmitted in plain text. An attacker could obtain this information using man in the middle techniques. IBM X-ForceID: 157008.
References (3)
Core 3
Core References
VDB Entry, Vendor Advisory vdb-entry
x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/157008
Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/107310
Patch, Vendor Advisory x_refsource_confirm
https://www.ibm.com/support/docview.wss?uid=ibm10874234
Scores
CVSS v3
5.9
EPSS
0.0104
EPSS Percentile
59.7%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
Details
CWE
CWE-319
Status
published
Products (1)
ibm/sterling_b2b_integrator
5.2.0.1 - 6.0.0.0
Published
Mar 05, 2019
Tracked Since
Feb 18, 2026