EUVD-2023-45249

CVE-2023-40693 | Severity: MEDIUM (CVSS 3.1 base score 5.4) | Vendor: ibm | Published: 2026-03-13

CVSS Vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N

Attack Vector: Network
Attack Complexity: Low
Privileges Required: Low
User Interaction: Required
Scope: Changed
Confidentiality: Low
Integrity: Low
Availability: None

Lifecycle Timeline

Patch Released: Mar 20, 2026 14:47 (source: nvd), patch available
Analysis Generated: Mar 13, 2026 20:00 (source: vuln.today)
EUVD ID Assigned: Mar 13, 2026 20:00 (source: euvd), EUVD-2023-45249
CVE Published: Mar 13, 2026 19:25 (source: nvd), severity MEDIUM 5.4

Description

IBM Sterling B2B Integrator and IBM Sterling File Gateway 6.1.0.0 through 6.1.2.7_2, 6.2.0.0 through 6.2.0.5_1, and 6.2.1.0 through 6.2.1.1_1 are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI, thus altering the intended functionality and potentially leading to credentials disclosure within a trusted session.

Analysis

This is a stored or reflected Cross-Site Scripting (XSS) vulnerability in IBM Sterling B2B Integrator and IBM Sterling File Gateway that allows authenticated users to inject arbitrary JavaScript code into the Web UI. An attacker with valid credentials can craft malicious payloads that execute in the context of other users' sessions, potentially leading to credential theft, session hijacking, or unauthorized actions within a trusted environment. With a CVSS score of 5.4, low attack complexity, and a user-interaction requirement (the victim must click a malicious link or open the affected page), this vulnerability poses a moderate risk, primarily in environments where user trust is high and credentials are valuable.

Technical Context

This vulnerability is classified as CWE-79 (Improper Neutralization of Input During Web Page Generation, commonly known as Cross-Site Scripting). The affected IBM Sterling products (B2B Integrator and File Gateway) are enterprise integration platforms whose Web UI renders input without adequate output encoding or input validation. The vulnerability exists across multiple versions: 6.1.0.0 through 6.1.2.7_2, 6.2.0.0 through 6.2.0.5_1, and 6.2.1.0 through 6.2.1.1_1 (CPE identifiers: cpe:2.3:a:ibm:sterling_b2b_integrator and cpe:2.3:a:ibm:sterling_file_gateway). The root cause is insufficient input sanitization or output encoding when user-supplied data is reflected back into the Web UI, so that data containing markup is interpreted as JavaScript by the victim's browser rather than displayed as text.

Affected Products

IBM Sterling B2B Integrator versions 6.1.0.0 through 6.1.2.7_2, 6.2.0.0 through 6.2.0.5_1, and 6.2.1.0 through 6.2.1.1_1 are affected, as is IBM Sterling File Gateway in the same version ranges. These products are identified by the CPE strings cpe:2.3:a:ibm:sterling_b2b_integrator and cpe:2.3:a:ibm:sterling_file_gateway. IBM has published security advisories addressing this vulnerability; organizations should consult IBM Security Bulletins and the IBM Support portal for remediation guidance specific to their deployed versions.

Remediation

Upgrade IBM Sterling B2B Integrator and File Gateway to the patched versions released by IBM (6.1.2.8 or later on the 6.1.x branch, 6.2.0.6 or later on the 6.2.0.x branch, and 6.2.1.2 or later on the 6.2.1.x branch). Consult IBM's official security advisory and patch release notes to confirm exact version availability for your maintenance level. If immediate patching is not feasible, implement compensating controls: restrict Web UI access to trusted networks only via firewall rules, enforce multi-factor authentication for Sterling platform access, disable JavaScript execution for users with lower trust levels where possible, and monitor Web UI logs for suspicious JavaScript-like input patterns. Additionally, configure Content Security Policy (CSP) headers for the Web UI to restrict inline script execution, which limits what an injected payload can do even if the encoding defect is reached.
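The following is an added illustration of the three defensive points above (output encoding as the CWE-79 fix, a CSP header as a compensating control, and log monitoring for script-like input); it is not code from IBM or from this page. The render functions, the CSP policy string and the access-log lines are all hypothetical and constructed here, and the log layout is a generic combined-log format, not the Sterling Web UI's actual log format.

```python
import html
import re
from urllib.parse import unquote_plus

# --- Output encoding: the CWE-79 root cause and its fix ------------------
# Hypothetical page fragment that reflects a user-controlled display name.

def render_unsafe(display_name: str) -> str:
    """Vulnerable form: user input is interpolated into HTML verbatim,
    so a value containing <script> is executed by the viewer's browser."""
    return f"<p>Welcome, {display_name}</p>"


def render_safe(display_name: str) -> str:
    """Hardened form: HTML-entity-encode on output, so any markup in the
    value is rendered as literal text instead of being parsed."""
    return f"<p>Welcome, {html.escape(display_name, quote=True)}</p>"


# --- Compensating control: a CSP that refuses inline scripts --------------
# Assumed policy for a same-origin web UI; the source lists must be tuned to
# whatever the real application legitimately loads.
CSP_HEADER = (
    "Content-Security-Policy",
    "default-src 'self'; script-src 'self'; object-src 'none'; base-uri 'self'",
)


# --- Detection: flag script-like input in web UI access logs --------------
# Constructed sample lines (not real IBM logs); the second one carries a
# URL-encoded script tag in a query parameter.
SAMPLE_LOG_LINES = [
    '10.0.0.5 - alice [13/Mar/2026:19:25:01 +0000] "GET /dashboard?name=Alice HTTP/1.1" 200 512',
    '10.0.0.7 - bob [13/Mar/2026:19:26:12 +0000] '
    '"GET /dashboard?name=%3Cscript%3Ealert%281%29%3C%2Fscript%3E HTTP/1.1" 200 640',
    '10.0.0.9 - carol [13/Mar/2026:19:27:40 +0000] "GET /reports?reason_code=late HTTP/1.1" 200 300',
]

LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ (?P<user>\S+) \[[^\]]+\] "(?P<method>\w+) (?P<path>\S+) HTTP/'
)
# Coarse triage heuristic: script tags, javascript: URLs, inline event
# handlers. Word boundary on "on" avoids flagging names like reason_code=.
SCRIPT_RE = re.compile(r"<\s*/?\s*script|javascript:|\bon\w+\s*=", re.IGNORECASE)


def suspicious_requests(lines):
    """Return the requests whose decoded path contains script-like input.
    Expect false positives; this is a hunting filter, not a blocking rule."""
    hits = []
    for line in lines:
        m = LOG_RE.match(line)
        if not m:
            continue
        decoded = unquote_plus(m.group("path"))  # decode %XX before matching
        if SCRIPT_RE.search(decoded):
            hits.append({"user": m.group("user"), "ip": m.group("ip"), "path": decoded})
    return hits


if __name__ == "__main__":
    probe = "<script>alert(1)</script>"
    print("unsafe:", render_unsafe(probe))
    print("safe:  ", render_safe(probe))
    print("header:", CSP_HEADER)
    for hit in suspicious_requests(SAMPLE_LOG_LINES):
        print("suspicious:", hit)
```

The encoding step is the actual fix for the class of defect described under Technical Context; the CSP header and the log filter only reduce impact and improve visibility while patching is pending, and the regular expression is deliberately loose, so hits should be reviewed rather than acted on automatically.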

Priority Score

27 (scale: Low / Medium / High / Critical)
Components: KEV 0, EPSS +0.0, CVSS +27, POC 0
