Medium Severity

IBM Security Bulletin: Multiple Cross-Site Scripting Vulnerabilities Affect IBM Sterling B2B Integrator

Share this post:

IBM Sterling B2B Integrator Standard Edition has addressed the cross-scripting vulnerabilities

CVE(s): CVE-2019-4073, CVE-2019-4074, CVE-2019-4075, CVE-2019-4076, CVE-2019-4077, CVE-2019-4148

Affected product(s) and affected version(s):
IBM Sterling B2B Integrator 6.0.0.0 – 6.0.0.1

Refer to the following reference URLs for remediation and additional vulnerability details:
Source Bulletin: https://www-01.ibm.com/support/docview.wss?uid=ibm10880591
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/157107
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/157108
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/157109
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/157110
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/157111
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/158414

More stories

IBM Security Bulletin: A security vulnerability has been addressed in IBM Cognos Analytics (CVE-2019-4139)

May 24, 2019 9:01 am EDT | Medium Severity

This bulletin addresses a security vulnerability that has been fixed in IBM Cognos Analytics 11.1.2 and IBM Cognos Analytics 11.0.13 FP1. A Cross Site Scripting (XSS) vulnerability could allow attackers to inject code into a GET statement when importing visualizations. This has been addressed in the latest available updates. CVE(s): CVE-2019-4139 Affected product(s) and affected ...read more


IBM Security Bulletin: Cross-site scripting and failure to enforce HTTP Strict Transport Security vulnerabilities in IBM Spectrum Control (formerly Tivoli Storage Productivity Center) (CVE-2019-4137, CVE-2019-4138)

May 24, 2019 9:01 am EDT | Medium Severity

IBM Spectrum Control (formerly Tivoli Storage Productivity Center) is vulnerable to cross-site scripting and failure to enforce HTTP Strict Transport Security. CVE(s): CVE-2019-4137, CVE-2019-4138 Affected product(s) and affected version(s): IBM Spectrum Control 5.2.13 – 5.2.17.2 IBM Spectrum Control 5.3.0 – 5.3.2 The versions listed above apply to all licensed offerings of IBM Spectrum Control. Refer ...read more


IBM Security Bulletin: Guardium StealthBits Integration is affected by an OpenSSL vulnerability

May 24, 2019 9:01 am EDT | Medium Severity

IBM Security Guardium is aware of the following vulnerability CVE(s): CVE-2019-1559 Affected product(s) and affected version(s): Affected IBM Security Guardium Affected Versions IBM Security Guardium 10.1.4 – 10.6 Refer to the following reference URLs for remediation and additional vulnerability details:Source Bulletin: https://www-01.ibm.com/support/docview.wss?uid=ibm10885200X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/157514 ...read more