CVE-2020-4646

IBM Sterling B2B Integrator Standard Edition 5.2.0.0 through 5.2.6.5, 6.0.0.0 through 6.0.3.3, and 6.1.0.0 through 6.1.0.2 could allow an authenticated user to view pages they shoiuld not have access to due to improper authorization control.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
4.3 MEDIUM
NETWORK
LOW
LOW
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
ibmCNA
4.3 MEDIUM
NETWORK
LOW
LOW
CVSS:3.0/I:N/AV:N/UI:N/S:U/C:L/PR:L/AC:L/A:N/RC:C/E:U/RL:O
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 32%
VendorProductVersion
ibmsterling_b2b_integrator
5.2.0.0 ≤
𝑥
≤ 5.2.6.5
ibmsterling_b2b_integrator
6.0.0.0 ≤
𝑥
≤ 6.0.3.3
ibmsterling_b2b_integrator
6.1.0.0 ≤
𝑥
≤ 6.1.0.2
𝑥
= Vulnerable software versions
References
https://exchange.xforce.ibmcloud.com/vulnerabilities/185808
https://www.ibm.com/support/pages/node/6454169
https://exchange.xforce.ibmcloud.com/vulnerabilities/185808
https://www.ibm.com/support/pages/node/6454169