Search

Find a vulnerability

Search criteria

    4 vulnerabilities found for Sterling B2B Integrator by IBM Corporation

    CVE-2016-0210 (GCVE-0-2016-0210)

    Vulnerability from nvd – Published: 2017-02-08 22:00 – Updated: 2024-08-05 22:08
    VLAI
    Summary
    IBM Sterling B2B Integrator Standard Edition could allow a remote attacker to obtain sensitive information. By allowing HTTP OPTIONS method, a remote attacker could send a specially-crafted query to a vulnerable server running to cause the server to disclose sensitive information in the HTTP response.
    Severity
    No CVSS data available.
    CWE
    • Obtain Information
    Assigner
    ibm
    References
    Impacted products
    Vendor Product Version
    IBM Corporation Sterling B2B Integrator Affected: 5.1
    Affected: 5.2
    Affected: 4.3
    Affected: 5.0
    Affected: 5.2.4
    Affected: -
    Affected: 5.2.1
    Affected: 5.2.2
    Affected: 5.2.3
    Affected: 5.2.4.1
    Affected: 5.2.4.2
    Affected: 5.2.5
    Affected: 5.2.6
    Create a notification for this product.
    Date Public
    2016-04-30 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-05T22:08:13.353Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "90527",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/90527"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://www.ibm.com/support/docview.wss?uid=swg21981549"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Sterling B2B Integrator",
              "vendor": "IBM Corporation",
              "versions": [
                {
                  "status": "affected",
                  "version": "5.1"
                },
                {
                  "status": "affected",
                  "version": "5.2"
                },
                {
                  "status": "affected",
                  "version": "4.3"
                },
                {
                  "status": "affected",
                  "version": "5.0"
                },
                {
                  "status": "affected",
                  "version": "5.2.4"
                },
                {
                  "status": "affected",
                  "version": "-"
                },
                {
                  "status": "affected",
                  "version": "5.2.1"
                },
                {
                  "status": "affected",
                  "version": "5.2.2"
                },
                {
                  "status": "affected",
                  "version": "5.2.3"
                },
                {
                  "status": "affected",
                  "version": "5.2.4.1"
                },
                {
                  "status": "affected",
                  "version": "5.2.4.2"
                },
                {
                  "status": "affected",
                  "version": "5.2.5"
                },
                {
                  "status": "affected",
                  "version": "5.2.6"
                }
              ]
            }
          ],
          "datePublic": "2016-04-30T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "IBM Sterling B2B Integrator Standard Edition could allow a remote attacker to obtain sensitive information. By allowing HTTP OPTIONS method, a remote attacker could send a specially-crafted query to a vulnerable server running to cause the server to disclose sensitive information in the HTTP response."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Obtain Information",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-02-09T10:57:02.000Z",
            "orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
            "shortName": "ibm"
          },
          "references": [
            {
              "name": "90527",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/90527"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://www.ibm.com/support/docview.wss?uid=swg21981549"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "psirt@us.ibm.com",
              "ID": "CVE-2016-0210",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Sterling B2B Integrator",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "5.1"
                              },
                              {
                                "version_value": "5.2"
                              },
                              {
                                "version_value": "4.3"
                              },
                              {
                                "version_value": "5.0"
                              },
                              {
                                "version_value": "5.2.4"
                              },
                              {
                                "version_value": "-"
                              },
                              {
                                "version_value": "5.2.1"
                              },
                              {
                                "version_value": "5.2.2"
                              },
                              {
                                "version_value": "5.2.3"
                              },
                              {
                                "version_value": "5.2.4.1"
                              },
                              {
                                "version_value": "5.2.4.2"
                              },
                              {
                                "version_value": "5.2.5"
                              },
                              {
                                "version_value": "5.2.6"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "IBM Corporation"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "IBM Sterling B2B Integrator Standard Edition could allow a remote attacker to obtain sensitive information. By allowing HTTP OPTIONS method, a remote attacker could send a specially-crafted query to a vulnerable server running to cause the server to disclose sensitive information in the HTTP response."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "Obtain Information"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "90527",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/90527"
                },
                {
                  "name": "http://www.ibm.com/support/docview.wss?uid=swg21981549",
                  "refsource": "CONFIRM",
                  "url": "http://www.ibm.com/support/docview.wss?uid=swg21981549"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
        "assignerShortName": "ibm",
        "cveId": "CVE-2016-0210",
        "datePublished": "2017-02-08T22:00:00.000Z",
        "dateReserved": "2015-12-08T00:00:00.000Z",
        "dateUpdated": "2024-08-05T22:08:13.353Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2016-6020 (GCVE-0-2016-6020)

    Vulnerability from nvd – Published: 2017-02-01 20:00 – Updated: 2024-08-06 01:15
    VLAI
    Summary
    IBM Sterling B2B Integrator Standard Edition could allow a remote attacker to conduct phishing attacks, using an open redirect attack. By persuading a victim to visit a specially-crafted Web site, a remote attacker could exploit this vulnerability to spoof the URL displayed to redirect a user to a malicious Web site that would appear to be trusted. This could allow the attacker to obtain highly sensitive information or conduct further attacks against the victim.
    Severity
    No CVSS data available.
    CWE
    • Gain Access
    Assigner
    ibm
    References
    Impacted products
    Vendor Product Version
    IBM Corporation Sterling B2B Integrator Affected: 5.1
    Affected: 5.2
    Affected: 4.3
    Affected: 5.0
    Affected: 5.2.4
    Affected: -
    Affected: 5.2.1
    Affected: 5.2.2
    Affected: 5.2.3
    Affected: 5.2.4.1
    Affected: 5.2.4.2
    Affected: 5.2.5
    Affected: 5.2.6
    Create a notification for this product.
    Date Public
    2017-02-01 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-06T01:15:10.633Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "95098",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/95098"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://www.ibm.com/support/docview.wss?uid=swg21995794"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Sterling B2B Integrator",
              "vendor": "IBM Corporation",
              "versions": [
                {
                  "status": "affected",
                  "version": "5.1"
                },
                {
                  "status": "affected",
                  "version": "5.2"
                },
                {
                  "status": "affected",
                  "version": "4.3"
                },
                {
                  "status": "affected",
                  "version": "5.0"
                },
                {
                  "status": "affected",
                  "version": "5.2.4"
                },
                {
                  "status": "affected",
                  "version": "-"
                },
                {
                  "status": "affected",
                  "version": "5.2.1"
                },
                {
                  "status": "affected",
                  "version": "5.2.2"
                },
                {
                  "status": "affected",
                  "version": "5.2.3"
                },
                {
                  "status": "affected",
                  "version": "5.2.4.1"
                },
                {
                  "status": "affected",
                  "version": "5.2.4.2"
                },
                {
                  "status": "affected",
                  "version": "5.2.5"
                },
                {
                  "status": "affected",
                  "version": "5.2.6"
                }
              ]
            }
          ],
          "datePublic": "2017-02-01T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "IBM Sterling B2B Integrator Standard Edition could allow a remote attacker to conduct phishing attacks, using an open redirect attack. By persuading a victim to visit a specially-crafted Web site, a remote attacker could exploit this vulnerability to spoof the URL displayed to redirect a user to a malicious Web site that would appear to be trusted. This could allow the attacker to obtain highly sensitive information or conduct further attacks against the victim."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Gain Access",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-02-02T10:57:01.000Z",
            "orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
            "shortName": "ibm"
          },
          "references": [
            {
              "name": "95098",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/95098"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://www.ibm.com/support/docview.wss?uid=swg21995794"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "psirt@us.ibm.com",
              "ID": "CVE-2016-6020",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Sterling B2B Integrator",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "5.1"
                              },
                              {
                                "version_value": "5.2"
                              },
                              {
                                "version_value": "4.3"
                              },
                              {
                                "version_value": "5.0"
                              },
                              {
                                "version_value": "5.2.4"
                              },
                              {
                                "version_value": "-"
                              },
                              {
                                "version_value": "5.2.1"
                              },
                              {
                                "version_value": "5.2.2"
                              },
                              {
                                "version_value": "5.2.3"
                              },
                              {
                                "version_value": "5.2.4.1"
                              },
                              {
                                "version_value": "5.2.4.2"
                              },
                              {
                                "version_value": "5.2.5"
                              },
                              {
                                "version_value": "5.2.6"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "IBM Corporation"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "IBM Sterling B2B Integrator Standard Edition could allow a remote attacker to conduct phishing attacks, using an open redirect attack. By persuading a victim to visit a specially-crafted Web site, a remote attacker could exploit this vulnerability to spoof the URL displayed to redirect a user to a malicious Web site that would appear to be trusted. This could allow the attacker to obtain highly sensitive information or conduct further attacks against the victim."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "Gain Access"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "95098",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/95098"
                },
                {
                  "name": "http://www.ibm.com/support/docview.wss?uid=swg21995794",
                  "refsource": "CONFIRM",
                  "url": "http://www.ibm.com/support/docview.wss?uid=swg21995794"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
        "assignerShortName": "ibm",
        "cveId": "CVE-2016-6020",
        "datePublished": "2017-02-01T20:00:00.000Z",
        "dateReserved": "2016-06-29T00:00:00.000Z",
        "dateUpdated": "2024-08-06T01:15:10.633Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2016-0210 (GCVE-0-2016-0210)

    Vulnerability from cvelistv5 – Published: 2017-02-08 22:00 – Updated: 2024-08-05 22:08
    VLAI
    Summary
    IBM Sterling B2B Integrator Standard Edition could allow a remote attacker to obtain sensitive information. By allowing HTTP OPTIONS method, a remote attacker could send a specially-crafted query to a vulnerable server running to cause the server to disclose sensitive information in the HTTP response.
    Severity
    No CVSS data available.
    CWE
    • Obtain Information
    Assigner
    ibm
    References
    Impacted products
    Vendor Product Version
    IBM Corporation Sterling B2B Integrator Affected: 5.1
    Affected: 5.2
    Affected: 4.3
    Affected: 5.0
    Affected: 5.2.4
    Affected: -
    Affected: 5.2.1
    Affected: 5.2.2
    Affected: 5.2.3
    Affected: 5.2.4.1
    Affected: 5.2.4.2
    Affected: 5.2.5
    Affected: 5.2.6
    Create a notification for this product.
    Date Public
    2016-04-30 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-05T22:08:13.353Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "90527",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/90527"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://www.ibm.com/support/docview.wss?uid=swg21981549"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Sterling B2B Integrator",
              "vendor": "IBM Corporation",
              "versions": [
                {
                  "status": "affected",
                  "version": "5.1"
                },
                {
                  "status": "affected",
                  "version": "5.2"
                },
                {
                  "status": "affected",
                  "version": "4.3"
                },
                {
                  "status": "affected",
                  "version": "5.0"
                },
                {
                  "status": "affected",
                  "version": "5.2.4"
                },
                {
                  "status": "affected",
                  "version": "-"
                },
                {
                  "status": "affected",
                  "version": "5.2.1"
                },
                {
                  "status": "affected",
                  "version": "5.2.2"
                },
                {
                  "status": "affected",
                  "version": "5.2.3"
                },
                {
                  "status": "affected",
                  "version": "5.2.4.1"
                },
                {
                  "status": "affected",
                  "version": "5.2.4.2"
                },
                {
                  "status": "affected",
                  "version": "5.2.5"
                },
                {
                  "status": "affected",
                  "version": "5.2.6"
                }
              ]
            }
          ],
          "datePublic": "2016-04-30T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "IBM Sterling B2B Integrator Standard Edition could allow a remote attacker to obtain sensitive information. By allowing HTTP OPTIONS method, a remote attacker could send a specially-crafted query to a vulnerable server running to cause the server to disclose sensitive information in the HTTP response."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Obtain Information",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-02-09T10:57:02.000Z",
            "orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
            "shortName": "ibm"
          },
          "references": [
            {
              "name": "90527",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/90527"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://www.ibm.com/support/docview.wss?uid=swg21981549"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "psirt@us.ibm.com",
              "ID": "CVE-2016-0210",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Sterling B2B Integrator",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "5.1"
                              },
                              {
                                "version_value": "5.2"
                              },
                              {
                                "version_value": "4.3"
                              },
                              {
                                "version_value": "5.0"
                              },
                              {
                                "version_value": "5.2.4"
                              },
                              {
                                "version_value": "-"
                              },
                              {
                                "version_value": "5.2.1"
                              },
                              {
                                "version_value": "5.2.2"
                              },
                              {
                                "version_value": "5.2.3"
                              },
                              {
                                "version_value": "5.2.4.1"
                              },
                              {
                                "version_value": "5.2.4.2"
                              },
                              {
                                "version_value": "5.2.5"
                              },
                              {
                                "version_value": "5.2.6"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "IBM Corporation"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "IBM Sterling B2B Integrator Standard Edition could allow a remote attacker to obtain sensitive information. By allowing HTTP OPTIONS method, a remote attacker could send a specially-crafted query to a vulnerable server running to cause the server to disclose sensitive information in the HTTP response."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "Obtain Information"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "90527",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/90527"
                },
                {
                  "name": "http://www.ibm.com/support/docview.wss?uid=swg21981549",
                  "refsource": "CONFIRM",
                  "url": "http://www.ibm.com/support/docview.wss?uid=swg21981549"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
        "assignerShortName": "ibm",
        "cveId": "CVE-2016-0210",
        "datePublished": "2017-02-08T22:00:00.000Z",
        "dateReserved": "2015-12-08T00:00:00.000Z",
        "dateUpdated": "2024-08-05T22:08:13.353Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2016-6020 (GCVE-0-2016-6020)

    Vulnerability from cvelistv5 – Published: 2017-02-01 20:00 – Updated: 2024-08-06 01:15
    VLAI
    Summary
    IBM Sterling B2B Integrator Standard Edition could allow a remote attacker to conduct phishing attacks, using an open redirect attack. By persuading a victim to visit a specially-crafted Web site, a remote attacker could exploit this vulnerability to spoof the URL displayed to redirect a user to a malicious Web site that would appear to be trusted. This could allow the attacker to obtain highly sensitive information or conduct further attacks against the victim.
    Severity
    No CVSS data available.
    CWE
    • Gain Access
    Assigner
    ibm
    References
    Impacted products
    Vendor Product Version
    IBM Corporation Sterling B2B Integrator Affected: 5.1
    Affected: 5.2
    Affected: 4.3
    Affected: 5.0
    Affected: 5.2.4
    Affected: -
    Affected: 5.2.1
    Affected: 5.2.2
    Affected: 5.2.3
    Affected: 5.2.4.1
    Affected: 5.2.4.2
    Affected: 5.2.5
    Affected: 5.2.6
    Create a notification for this product.
    Date Public
    2017-02-01 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-06T01:15:10.633Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "95098",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/95098"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://www.ibm.com/support/docview.wss?uid=swg21995794"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Sterling B2B Integrator",
              "vendor": "IBM Corporation",
              "versions": [
                {
                  "status": "affected",
                  "version": "5.1"
                },
                {
                  "status": "affected",
                  "version": "5.2"
                },
                {
                  "status": "affected",
                  "version": "4.3"
                },
                {
                  "status": "affected",
                  "version": "5.0"
                },
                {
                  "status": "affected",
                  "version": "5.2.4"
                },
                {
                  "status": "affected",
                  "version": "-"
                },
                {
                  "status": "affected",
                  "version": "5.2.1"
                },
                {
                  "status": "affected",
                  "version": "5.2.2"
                },
                {
                  "status": "affected",
                  "version": "5.2.3"
                },
                {
                  "status": "affected",
                  "version": "5.2.4.1"
                },
                {
                  "status": "affected",
                  "version": "5.2.4.2"
                },
                {
                  "status": "affected",
                  "version": "5.2.5"
                },
                {
                  "status": "affected",
                  "version": "5.2.6"
                }
              ]
            }
          ],
          "datePublic": "2017-02-01T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "IBM Sterling B2B Integrator Standard Edition could allow a remote attacker to conduct phishing attacks, using an open redirect attack. By persuading a victim to visit a specially-crafted Web site, a remote attacker could exploit this vulnerability to spoof the URL displayed to redirect a user to a malicious Web site that would appear to be trusted. This could allow the attacker to obtain highly sensitive information or conduct further attacks against the victim."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Gain Access",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-02-02T10:57:01.000Z",
            "orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
            "shortName": "ibm"
          },
          "references": [
            {
              "name": "95098",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/95098"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://www.ibm.com/support/docview.wss?uid=swg21995794"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "psirt@us.ibm.com",
              "ID": "CVE-2016-6020",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Sterling B2B Integrator",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "5.1"
                              },
                              {
                                "version_value": "5.2"
                              },
                              {
                                "version_value": "4.3"
                              },
                              {
                                "version_value": "5.0"
                              },
                              {
                                "version_value": "5.2.4"
                              },
                              {
                                "version_value": "-"
                              },
                              {
                                "version_value": "5.2.1"
                              },
                              {
                                "version_value": "5.2.2"
                              },
                              {
                                "version_value": "5.2.3"
                              },
                              {
                                "version_value": "5.2.4.1"
                              },
                              {
                                "version_value": "5.2.4.2"
                              },
                              {
                                "version_value": "5.2.5"
                              },
                              {
                                "version_value": "5.2.6"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "IBM Corporation"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "IBM Sterling B2B Integrator Standard Edition could allow a remote attacker to conduct phishing attacks, using an open redirect attack. By persuading a victim to visit a specially-crafted Web site, a remote attacker could exploit this vulnerability to spoof the URL displayed to redirect a user to a malicious Web site that would appear to be trusted. This could allow the attacker to obtain highly sensitive information or conduct further attacks against the victim."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "Gain Access"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "95098",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/95098"
                },
                {
                  "name": "http://www.ibm.com/support/docview.wss?uid=swg21995794",
                  "refsource": "CONFIRM",
                  "url": "http://www.ibm.com/support/docview.wss?uid=swg21995794"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
        "assignerShortName": "ibm",
        "cveId": "CVE-2016-6020",
        "datePublished": "2017-02-01T20:00:00.000Z",
        "dateReserved": "2016-06-29T00:00:00.000Z",
        "dateUpdated": "2024-08-06T01:15:10.633Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }