CVE-2021-39087

EUVD-2021-25524
IBM Sterling B2B Integrator Standard Edition 6.0.0.0 through 6.0.3.5, 6.1.0.0 through 6.1.0.4, and 6.1.1.0 through 6.1.1.1 could allow an authenticated user to obtain sensitive information due to improper permission controls. IBM X-Force ID: 216109.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
6.5 MEDIUM
NETWORK
LOW
LOW
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
ibmCNA
4.3 MEDIUM
NETWORK
LOW
LOW
CVSS:3.0/AC:L/UI:N/A:N/I:N/PR:L/S:U/C:L/AV:N/RC:C/RL:O/E:U
Base Score
CVSS 3.x
EPSS Score
Percentile: 31%
Affected Products (NVD)
VendorProductVersion
ibmsterling_b2b_integrator
6.0.0.0 ≤
𝑥
< 6.0.3.6
ibmsterling_b2b_integrator
6.1.0.0 ≤
𝑥
< 6.1.0.5
ibmsterling_b2b_integrator
6.1.1.0 ≤
𝑥
< 6.1.1.2
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
https://exchange.xforce.ibmcloud.com/vulnerabilities/216109
https://www.ibm.com/support/pages/node/6612541
https://exchange.xforce.ibmcloud.com/vulnerabilities/216109
https://www.ibm.com/support/pages/node/6612541