CVE-2020-4566

IBM Sterling B2B Integrator Standard Edition 5.2.6.0 through 5.2.6.5 and 6.0.0.0 through 6.0.3.2 stores potentially highly sensitive information in log files that could be read by an authenticated user. IBM X-Force ID: 184083.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
6.5 MEDIUM
NETWORK
LOW
LOW
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
ibmCNA
6.5 MEDIUM
NETWORK
LOW
LOW
CVSS:3.0/AV:N/UI:N/AC:L/S:U/I:N/A:N/PR:L/C:H/RC:C/E:U/RL:O
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 47%
VendorProductVersion
ibmsterling_b2b_integrator
5.2.6.0 ≤
𝑥
≤ 5.2.6.5
ibmsterling_b2b_integrator
6.0.0.0 ≤
𝑥
≤ 6.0.3.2
𝑥
= Vulnerable software versions
References
https://exchange.xforce.ibmcloud.com/vulnerabilities/184083
https://www.ibm.com/support/pages/node/6367975
https://exchange.xforce.ibmcloud.com/vulnerabilities/184083
https://www.ibm.com/support/pages/node/6367975