CVE-2024-27263

MEDIUM

IBM Sterling B2B Integrator <6.2.0.1 - Info Disclosure

Title source: llm

Description

IBM Sterling B2B Integrator 6.0.0.0 through 6.1.2.5 and 6.2.0.0 through 6.2.0.1 could allow an authenticated user to obtain sensitive information from the dashboard UI using man in the middle techniques.

References (1)

[Vendor Advisory] https://www.ibm.com/support/pages/node/7176072

Scores

CVSS v3 5.3

EPSS 0.0011

EPSS Percentile 30.0%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N

Classification

CWE

CWE-300

Status published

Affected Products (1)

ibm/sterling_b2b_integrator < 6.1.2.5

Timeline

Published Jan 28, 2025

Tracked Since Feb 18, 2026