First published: Wed Jul 03 2013(Updated: )
The console in IBM Sterling B2B Integrator 5.1 and 5.2 and Sterling File Gateway 2.1 and 2.2 allows remote attackers to read stack traces by triggering (1) an error or (2) an exception.
Credit: psirt@us.ibm.com
Affected Software | Affected Version | How to fix |
---|---|---|
IBM B2B Sterling Integrator | =5.1 | |
IBM B2B Sterling Integrator | =5.2 | |
IBM Sterling File Gateway | =2.1 | |
IBM Sterling File Gateway | =2.2 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2013-0481 is considered a moderate severity vulnerability that allows remote attackers to read sensitive stack traces.
To fix CVE-2013-0481, apply the recommended patches or updates provided by IBM for the affected versions of Sterling B2B Integrator and Sterling File Gateway.
CVE-2013-0481 affects IBM Sterling B2B Integrator versions 5.1 and 5.2, and IBM Sterling File Gateway versions 2.1 and 2.2.
Attackers can exploit CVE-2013-0481 to read stack traces that may expose sensitive information about the application.
CVE-2013-0481 is not a zero-day vulnerability as it has been disclosed and fixes are available from IBM.