First published: Tue Jun 25 2024
IBM Sterling B2B Integrator Standard Edition 6.1 and 6.2 does not restrict or incorrectly restricts frame objects or UI layers that belong to another application or domain, which can lead to user confusion about which interface the user is interacting with. IBM X-Force ID: 265508.
Credit: psirt@us.ibm.com
Affected Software | Affected Version | How to fix |
---|---|---|
IBM Sterling B2B Integrator | <=6.2 | |
IBM Sterling B2B Integrator | <=6.1 | |
IBM Sterling B2B Integrator | =6.1 | |
IBM Sterling B2B Integrator | =6.2 | |
CVE-2023-42011 has been assigned a critical severity rating due to the potential for user confusion and unintended interaction with UI layers.
To fix CVE-2023-42011, upgrade IBM Sterling B2B Integrator to a version that includes the necessary security patches.
CVE-2023-42011 affects IBM Sterling B2B Integrator versions 6.1 and 6.2.
The risks of CVE-2023-42011 include user interaction with incorrect application interfaces, leading to potential data exposure or security breaches.
Currently, there is no documented workaround for CVE-2023-42011, and upgrading is the recommended approach.