CVE-2013-0539

EUVD-2013-0550
An unspecified third-party component in IBM Sterling B2B Integrator 5.1 and 5.2 and Sterling File Gateway 2.1 and 2.2 uses short session ID values, which makes it easier for remote attackers to hijack sessions, and consequently obtain sensitive information, via a brute-force attack.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
5 UNKNOWN
NETWORK
LOW
AV:N/AC:L/Au:N/C:P/I:N/A:N
Base Score
CVSS 3.x
EPSS Score
Percentile: 50%
Affected Products (NVD)
VendorProductVersion
ibmsterling_b2b_integrator
5.1
ibmsterling_b2b_integrator
5.2
ibmsterling_file_gateway
2.1
ibmsterling_file_gateway
2.2
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://www-01.ibm.com/support/docview.wss?uid=swg1IC92007
http://www-01.ibm.com/support/docview.wss?uid=swg21640830
https://exchange.xforce.ibmcloud.com/vulnerabilities/82916
http://www-01.ibm.com/support/docview.wss?uid=swg1IC92007
http://www-01.ibm.com/support/docview.wss?uid=swg21640830
https://exchange.xforce.ibmcloud.com/vulnerabilities/82916