IBM Sterling B2B Integrator Standard Edition 5.2.0.0 through 5.2.6.5, 6.0.0.0 through 6.0.3.3, and 6.1.0.0 through 6.1.0.2 could allow an authenticated user to view pages they shoiuld not have access to due to improper authorization control.
References
Link | Resource |
---|---|
https://exchange.xforce.ibmcloud.com/vulnerabilities/185808 | VDB Entry Vendor Advisory |
https://www.ibm.com/support/pages/node/6454169 | Patch Vendor Advisory |
Configurations
Configuration 1 (hide)
|
History
03 May 2022, 16:04
Type | Values Removed | Values Added |
---|---|---|
CWE | NVD-CWE-Other |
25 May 2021, 20:05
Type | Values Removed | Values Added |
---|---|---|
CPE | cpe:2.3:a:ibm:sterling_b2b_integrator:*:*:*:*:standard:*:*:* | |
References | (XF) https://exchange.xforce.ibmcloud.com/vulnerabilities/185808 - VDB Entry, Vendor Advisory | |
References | (CONFIRM) https://www.ibm.com/support/pages/node/6454169 - Patch, Vendor Advisory | |
CWE | CWE-863 | |
CVSS |
v2 : v3 : |
v2 : 4.0
v3 : 4.3 |
19 May 2021, 20:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2021-05-19 20:15
Updated : 2023-12-10 13:55
NVD link : CVE-2020-4646
Mitre link : CVE-2020-4646
CVE.ORG link : CVE-2020-4646
JSON object : View
Products Affected
ibm
- sterling_b2b_integrator
CWE