CyberSec.Space Logo
Back to CVE Browser

CVE-2019-4728

HIGH
8.8
CVSS Severity Score
EPSS Score0.0470%
EPSS Percentile17.03th
PublishedJan 5, 2021
Last ModifiedNov 21, 2024

Vulnerability Description

IBM Sterling B2B Integrator Standard Edition 5.2.0.0 through 5.2.6.5_2, 6.0.0.0 through 6.0.3.2, and 6.1.0.0 could allow a remote attacker to execute arbitrary code on the system, caused by the deserialization of untrusted data. By sending specially crafted request, an attacker could exploit this vulnerability to execute arbitrary code with SYSTEM privileges. IBM X-Force ID: 172452.

Affected Platforms (CPE)

πŸ“¦
Ibm

Sterling B2b Integrator

>= 5.2.0.0 and <= 5.2.6.5_2
πŸ“¦
Ibm

Sterling B2b Integrator

>= 6.0.0.0 and <= 6.0.3.2
πŸ“¦
Ibm

Sterling B2b Integrator

= 6.1.0.0

References & Advisories

πŸ”— https://exchange.xforce.ibmcloud.com/vulnerabilities/172452
πŸ”— https://www.ibm.com/support/pages/node/6396172
πŸ”— https://exchange.xforce.ibmcloud.com/vulnerabilities/172452
πŸ”— https://www.ibm.com/support/pages/node/6396172

Related Vulnerabilities

CVE-2021-299039.8

IBM Sterling B2B Integrator Standard Edition 5.2.6.0 through 6.1.1.0 is vulnerable to SQL injection. A remote attacker could send ...

CVE-2021-390859.8

IBM Sterling B2B Integrator Standard Edition 6.0.0.0 through 6.0.3.5, 6.1.0.0 through 6.1.0.4, and 6.1.1.0 through 6.1.1.1 is vuln...

CVE-2021-297989.8

IBM Sterling B2B Integrator Standard Edition 6.0.0.0 through 6.1.1.0 is vulnerable to SQL injection. A remote attacker could send ...

CVE-2012-59379.3

Unspecified vulnerability in the CLA2 server in IBM Gentran Integration Suite 4.3, Sterling Integrator 5.0 and 5.1, and Sterling B...