CVE-2019-4063

EUVD-2019-13670
IBM Sterling B2B Integrator 5.2.0.1 through 6.0.0.0 Standard Edition could allow highly sensitive information to be transmitted in plain text. An attacker could obtain this information using man in the middle techniques. IBM X-ForceID: 157008.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
5.9 MEDIUM
NETWORK
HIGH
NONE
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
ibmCNA
5.9 MEDIUM
NETWORK
HIGH
NONE
CVSS:3.0/A:N/AC:H/AV:N/C:H/I:N/PR:N/S:U/UI:N/E:U/RC:C/RL:O
Base Score
CVSS 3.x
EPSS Score
Percentile: 32%
Affected Products (NVD)
VendorProductVersion
ibmsterling_b2b_integrator
5.2.0.1 ≤
𝑥
≤ 6.0.0.0
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://www.securityfocus.com/bid/107310
https://exchange.xforce.ibmcloud.com/vulnerabilities/157008
https://www.ibm.com/support/docview.wss?uid=ibm10874234
http://www.securityfocus.com/bid/107310
https://exchange.xforce.ibmcloud.com/vulnerabilities/157008
https://www.ibm.com/support/docview.wss?uid=ibm10874234