Vulnerability CVE-2015-5019

Vulnerability CVE-2015-5019

Published: 2015-11-08 Modified: 2015-11-09

Description:

IBM Sterling Integrator 5.1 before 5010004_8 and Sterling B2B Integrator 5.2 before 5020500_9 allow remote authenticated users to read or upload files by leveraging a password-change requirement.

CVSS2 => (AV:N/AC:L/Au:S/C:P/I:P/A:N)

CVSS Base Score	Impact Subscore	Exploitability Subscore
5.5/10	4.9/10	8/10

Exploit range	Attack complexity	Authentication
Remote	Low	Single time
Confidentiality impact	Integrity impact	Availability impact
Partial	Partial	None

Affected software
IBM -> Sterling b2b integrator
IBM -> Sterling integrator

References:

http://www-01.ibm.com/support/docview.wss?uid=swg21967781

http://www-01.ibm.com/support/docview.wss?uid=swg1IT11008

Copyright 2024, cxsecurity.com