CVE-2021-29700

IBM Sterling B2B Integrator Standard Edition 5.2.0.0 through 6.1.1.0 could allow an authneticated attacker to obtain sensitive information from configuration files that could aid in further attacks against the system. IBM X-Force ID: 200656.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
4.3 MEDIUM
NETWORK
LOW
LOW
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
ibmCNA
4.3 MEDIUM
NETWORK
LOW
LOW
CVSS:3.0/AV:N/I:N/PR:L/AC:L/C:L/S:U/UI:N/A:N/E:U/RC:C/RL:O
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 15%
VendorProductVersion
ibmsterling_b2b_integrator
5.2.0.0 ≤
𝑥
≤ 5.2.6.5_4
ibmsterling_b2b_integrator
6.0.0.0 ≤
𝑥
≤ 6.0.0.6
ibmsterling_b2b_integrator
6.0.1.0 ≤
𝑥
≤ 6.0.3.4
ibmsterling_b2b_integrator
6.1.0.0 ≤
𝑥
≤ 6.1.0.2
𝑥
= Vulnerable software versions
References
https://exchange.xforce.ibmcloud.com/vulnerabilities/200656
https://www.ibm.com/support/pages/node/6496749
https://exchange.xforce.ibmcloud.com/vulnerabilities/200656
https://www.ibm.com/support/pages/node/6496749