Overview
- Description
- IBM Sterling B2B Integrator Standard Edition 6.1 and 6.2 does not restrict or incorrectly restricts frame objects or UI layers that belong to another application or domain, which can lead to user confusion about which interface the user is interacting with. IBM X-Force ID: 265508.
- Source
- psirt@us.ibm.com
- NVD status
- Analyzed
Risk scores
CVSS 3.1
- Type
- Primary
- Base score
- 5.4
- Impact score
- 2.7
- Exploitability score
- 2.3
- Vector string
- CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
- Severity
- MEDIUM
Weaknesses
- psirt@us.ibm.com
- CWE-1021
Social media
- Hype score
- Not currently trending
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ibm:sterling_b2b_integrator:6.1:*:*:*:standard:*:*:*",
"vulnerable": true,
"matchCriteriaId": "EAB30CAA-8F41-470E-9B2D-8713B5397026"
},
{
"criteria": "cpe:2.3:a:ibm:sterling_b2b_integrator:6.2:*:*:*:standard:*:*:*",
"vulnerable": true,
"matchCriteriaId": "60AB8589-9748-42E3-945E-19FAB3B30A4F"
}
],
"operator": "OR"
}
]
}
]