CVE-2025-2988

LOW

IBM Sterling B2B Integrator & File Gateway <6.2.1 - Info Disclosure

Title source: llm

Description

IBM Sterling B2B Integrator and IBM Sterling File Gateway 6.0.0.0 through 6.1.2.7, 6.2.0.0 through 6.2.0.4, and 6.2.1.0 could disclose sensitive server information to an unauthorized user that could aid in further attacks against the system.

References (1)

Core 1

Core References

Vendor Advisory vendor-advisory patch

https://www.ibm.com/support/pages/node/7242391

Scores

CVSS v3 2.7

EPSS 0.0024

EPSS Percentile 14.1%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N

CISA SSVC

Vulnrichment

Exploitation none

Automatable no

Technical Impact partial

Details

CWE

CWE-497

Status published

Products (4)

ibm/sterling_b2b_integrator 6.2.1.0

ibm/sterling_b2b_integrator 6.0.0.0 - 6.1.2.7_1

ibm/sterling_file_gateway 6.2.1.0

ibm/sterling_file_gateway 6.0.0.0 - 6.1.2.7_1

Published Aug 19, 2025

Tracked Since Feb 18, 2026