CyberSec.Space Logo
CVEブラウザに戻る

CVE-2019-4728

HIGH
8.8
CVSS Severity Score
EPSS Score0.0470%
EPSS Percentile17.03th
Published2021年1月5日
Last Modified2024年11月21日

Vulnerability Description

IBM Sterling B2B Integrator Standard Edition 5.2.0.0 through 5.2.6.5_2, 6.0.0.0 through 6.0.3.2, and 6.1.0.0 could allow a remote attacker to execute arbitrary code on the system, caused by the deserialization of untrusted data. By sending specially crafted request, an attacker could exploit this vulnerability to execute arbitrary code with SYSTEM privileges. IBM X-Force ID: 172452.

Affected Platforms (CPE)

📦
Ibm

Sterling B2b Integrator

>= 5.2.0.0 and <= 5.2.6.5_2
📦
Ibm

Sterling B2b Integrator

>= 6.0.0.0 and <= 6.0.3.2
📦
Ibm

Sterling B2b Integrator

= 6.1.0.0

References & Advisories

🔗 https://exchange.xforce.ibmcloud.com/vulnerabilities/172452
🔗 https://www.ibm.com/support/pages/node/6396172
🔗 https://exchange.xforce.ibmcloud.com/vulnerabilities/172452
🔗 https://www.ibm.com/support/pages/node/6396172

関連する脆弱性情報

CVE-2021-299039.8

IBM Sterling B2B Integrator Standard Edition 5.2.6.0 through 6.1.1.0 is vulnerable to SQL injection. A remote attacker could send ...

CVE-2021-390859.8

IBM Sterling B2B Integrator Standard Edition 6.0.0.0 through 6.0.3.5, 6.1.0.0 through 6.1.0.4, and 6.1.1.0 through 6.1.1.1 is vuln...

CVE-2021-297989.8

IBM Sterling B2B Integrator Standard Edition 6.0.0.0 through 6.1.1.0 is vulnerable to SQL injection. A remote attacker could send ...

CVE-2012-59379.3

Unspecified vulnerability in the CLA2 server in IBM Gentran Integration Suite 4.3, Sterling Integrator 5.0 and 5.1, and Sterling B...