SQL Injection in Ibm Sterling_b2b_integrator

CVE-2013-5409

Multiple SQL injection vulnerabilities in IBM Sterling B2B Integrator 5.2 and Sterling File Gateway 2.2 allow remote authenticated users to execute arbitrary SQL commands via unspecified vectors.

Vulnerability class: SQL Injection

EPSS: 0.003 (54.8th percentile) — read the EPSS interpretation.

Affected products

Ibm Sterling_b2b_integrator — versions 5.2
Ibm Sterling_file_gateway — versions 2.2
N/a — versions n/a

Weakness classification (CWE)

CWE-89 — SQL Injection

References

ibm-sterling-cve20135409-sqli(87358) (vdb-entry, x_refsource_XF)
psirt@us.ibm.com (x_refsource_CONFIRM, Vendor Advisory)
IC96049 (vendor-advisory, x_refsource_AIXAPAR)