What is CVE-2015-7410?

CVE-2015-7410 is a high-severity vulnerability in Ibm Sterling_b2b_integrator, classified under CWE-17. CVSS score: 7.4/10. Published 2016-01-01.

How severe is CVE-2015-7410?

High severity. CVSS v3 base score is 7.4 out of 10.

Is CVE-2015-7410 known to be exploited?

2 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.

Vulnerability in Ibm Sterling_b2b_integrator

CVE-2015-7410

The Health Check tool in IBM Sterling B2B Integrator 5.2 does not properly use cookies in conjunction with HTTPS sessions, which allows man-in-the-middle attackers to obtain sensitive information or modify data via unspecified vectors.

EPSS: 0.002 (45.6th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 7.4 (High). Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N.

Affected products

Ibm Sterling_b2b_integrator — versions 5.2
N/a — versions n/a

Weakness classification (CWE)

CWE-17

Public proof-of-concept exploits

References

79685 (vdb-entry, x_refsource_BID)
psirt@us.ibm.com (x_refsource_CONFIRM, Vendor Advisory)

Frequently asked questions

What is CVE-2015-7410?: CVE-2015-7410 is a high-severity vulnerability in Ibm Sterling_b2b_integrator, classified under CWE-17. CVSS score: 7.4/10. Published 2016-01-01.
How severe is CVE-2015-7410?: High severity. CVSS v3 base score is 7.4 out of 10.
Is CVE-2015-7410 known to be exploited?: 2 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.