- Description: IBM Sterling B2B Integrator Standard Edition 6.0.0.0 through 6.1.2.5 and 6.2.0.0 through 6.2.0.2 allow an attacker on the local network to execute arbitrary code on the system, caused by the deserialization of untrusted data.
- Source: psirt@us.ibm.com
- NVD status: Received
CVSS 3.1
- Type: Primary
- Base score: 8.8
- Impact score: 5.9
- Exploitability score: 2.8
- Vector string: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
- Severity: HIGH
- psirt@us.ibm.com
- CWE-502
- Hype score: Not currently trending
Kicking off the week with an #exploit drop: ICYMI, last Friday I open-sourced the PoC code for the LPE attack and Insecure Deserialisation/RCE vulnerability (CVE-2024-31903) affecting some old versions of the IBM Sterling B2B Integrator solution https://t.co/rgFhQJQmgu
@LAripping
24 Feb 2025
[CVE-2024-31903: HIGH] Vulnerable versions of IBM Sterling B2B Integrator allow attackers on the local network to execute arbitrary code due to deserialization of untrusted data. #CyberSecurity #cybersecurity, #vulnerability https://t.co/QH5UXtnl0r https://t.co/TsXnQkWbeE
@CveFindCom
22 Jan 2025