CVE-2020-4646

EUVD-2020-25893
IBM Sterling B2B Integrator Standard Edition 5.2.0.0 through 5.2.6.5, 6.0.0.0 through 6.0.3.3, and 6.1.0.0 through 6.1.0.2 could allow an authenticated user to view pages they shoiuld not have access to due to improper authorization control.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
4.3 MEDIUM
NETWORK
LOW
LOW
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
ibmCNA
4.3 MEDIUM
NETWORK
LOW
LOW
CVSS:3.0/I:N/AV:N/UI:N/S:U/C:L/PR:L/AC:L/A:N/RC:C/E:U/RL:O
Base Score
CVSS 3.x
EPSS Score
Percentile: 30%
Affected Products (NVD)
VendorProductVersion
ibmsterling_b2b_integrator
5.2.0.0 ≤
𝑥
≤ 5.2.6.5
ibmsterling_b2b_integrator
6.0.0.0 ≤
𝑥
≤ 6.0.3.3
ibmsterling_b2b_integrator
6.1.0.0 ≤
𝑥
≤ 6.1.0.2
𝑥
= Vulnerable software versions
References
https://exchange.xforce.ibmcloud.com/vulnerabilities/185808
https://www.ibm.com/support/pages/node/6454169
https://exchange.xforce.ibmcloud.com/vulnerabilities/185808
https://www.ibm.com/support/pages/node/6454169