CVE-2024-52905
LOW
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N
Description
IBM Sterling B2B Integrator Standard Edition 6.0.0.0 through 6.1.2.6 and 6.2.0.0 through 6.2.0.3 could disclose sensitive database information to a privileged user.
Analysis
IBM Sterling B2B Integrator versions 6.0.0.0 through 6.1.2.6 and 6.2.0.0 through 6.2.0.3 contain an information disclosure flaw that could allow users with elevated privileges to access sensitive database information they shouldn't normally be able to see. This affects organizations using these specific versions of the software. An attacker with administrative or privileged access could exploit this to view confidential data stored in the database.
Technical Context
Affects IBM Sterling B2B Integrator Standard Edition 6.0.0.0 through 6.1.2.6 and 6.2.0.0 through 6.2.0.3, which could disclose sensitive database information to a privileged user.
Affected Products
Product: IBM Sterling B2B Integrator Standard Edition. Versions: 6.0.0.0 through 6.1.2.6 and 6.2.0.0 through 6.2.0.3.
Remediation
Monitor vendor advisories for a patch. Restrict network access to the affected service where possible.