CVE-2025-2988

LOW

IBM Sterling B2B Integrator & File Gateway <6.2.1 - Info Disclosure

Title source: llm

Description

IBM Sterling B2B Integrator and IBM Sterling File Gateway 6.0.0.0 through 6.1.2.7, 6.2.0.0 through 6.2.0.4, and 6.2.1.0 could disclose sensitive server information to an unauthorized user that could aid in further attacks against the system.

References (1)

[Vendor Advisory] https://www.ibm.com/support/pages/node/7242391

Scores

CVSS v3 2.7

EPSS 0.0003

EPSS Percentile 10.2%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N

CISA SSVC

Vulnrichment

Exploitation none

Automatable no

Technical Impact partial

Details

CWE

CWE-497

Status published

Products (4)

ibm/sterling_b2b_integrator 6.2.1.0

ibm/sterling_b2b_integrator 6.0.0.0 - 6.1.2.7_1

ibm/sterling_file_gateway 6.2.1.0

ibm/sterling_file_gateway 6.0.0.0 - 6.1.2.7_1

Published Aug 19, 2025

Tracked Since Feb 18, 2026