First published: Thu Jan 30 2025(Updated: )
IBM Sterling B2B Integrator 6.0.0.0 through 6.1.2.5 and 6.2.0.0 through 6.2.0.3 Standard Edition EBICS server could allow an authenticated user to obtain sensitive filename information due to an observable discrepancy.
Credit: psirt@us.ibm.com
Affected Software | Affected Version | How to fix |
---|---|---|
IBM B2B Sterling Integrator | <=6.0.0.0 - 6.1.2.5 | |
IBM B2B Sterling Integrator | <=6.2.0.0 - 6.2.0.3 | |
>=6.0.0.0<=6.1.2.5 | ||
>=6.2.0.0<=6.2.0.3 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2024-45089 is classified as a moderate severity vulnerability impacting IBM Sterling B2B Integrator versions 6.0.0.0 through 6.1.2.5 and 6.2.0.0 through 6.2.0.3.
To mitigate CVE-2024-45089, it is recommended to upgrade your IBM Sterling B2B Integrator to a version beyond 6.2.0.3.
Organizations using IBM Sterling B2B Integrator versions between 6.0.0.0 and 6.2.0.3 are affected by CVE-2024-45089.
CVE-2024-45089 is a security vulnerability that exposes sensitive filename information to authenticated users.
Monitor your IBM Sterling B2B Integrator logs for unusual access patterns that may indicate exploitation of CVE-2024-45089.