CVE-2020-4671

MEDIUM

IBM Sterling B2b Integrator < 5.2.6.5 - Log Information Exposure

Title source: rule
STIX 2.1

Description

IBM Sterling B2B Integrator Standard Edition 6.0.0.0 through 6.0.3.2 and 5.2.0.0 through 5.2.6.5 stores potentially sensitive information in log files that could be read by an authenticatedl user. IBM X-Force ID: 186284.

References (2)

Core 2
Core References
Patch, Vendor Advisory x_refsource_confirm
https://www.ibm.com/support/pages/node/6368001
VDB Entry, Vendor Advisory vdb-entry x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/186284

Scores

CVSS v3 6.5
EPSS 0.0024
EPSS Percentile 47.6%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

Details

CWE
CWE-532
Status published
Products (1)
ibm/sterling_b2b_integrator 5.2.0.0 - 5.2.6.5
Published Nov 16, 2020
Tracked Since Feb 18, 2026