First published: Wed Jul 03 2013(Updated: )
IBM Sterling B2B Integrator 5.1 and 5.2 and Sterling File Gateway 2.1 and 2.2 allow remote authenticated users to hijack sessions via a modified cookie path.
Credit: psirt@us.ibm.com
Affected Software | Affected Version | How to fix |
---|---|---|
IBM B2B Sterling Integrator | =5.1 | |
IBM B2B Sterling Integrator | =5.2 | |
IBM Sterling File Gateway | =2.1 | |
IBM Sterling File Gateway | =2.2 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2013-0456 is considered a high severity vulnerability due to its potential for session hijacking.
To fix CVE-2013-0456, it is recommended to apply the latest patches and updates from IBM for affected software versions.
CVE-2013-0456 affects users of IBM Sterling B2B Integrator versions 5.1 and 5.2, and IBM Sterling File Gateway versions 2.1 and 2.2.
CVE-2013-0456 enables remote authenticated users to hijack sessions through a modified cookie path.
Yes, CVE-2013-0456 can be exploited remotely by authenticated users.