Skip to main content

Multi Enterprise Integration Gateway

5 CVEs product

Monthly

CVE-2023-24971 MEDIUM PATCH This Month

IBM B2B Advanced Communications 1.0.0.0 and IBM Multi-Enterprise Integration Gateway 1.0.0.1 could allow a user to cause a denial of service due to the deserializing of untrusted serialized Java. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. This Deserialization of Untrusted Data vulnerability could allow attackers to execute arbitrary code through malicious serialized objects.

Java Denial Of Service Deserialization IBM B2B Advanced Communications +1
NVD
CVSS 3.1
6.5
EPSS
0.7%
CVE-2023-22595 MEDIUM PATCH This Month

IBM B2B Advanced Communications 1.0.0.0 and IBM Multi-Enterprise Integration Gateway 1.0.0.1 are vulnerable to cross-site scripting. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

XSS IBM B2B Advanced Communications Multi Enterprise Integration Gateway
NVD
CVSS 3.1
5.4
EPSS
0.3%
CVE-2016-5892 MEDIUM PATCH This Month

Cross-site scripting (XSS) vulnerability in IBM 10x, as used in Multi-Enterprise Integration Gateway 1.x through 1.0.0.1 and B2B Advanced Communications before 1.0.0.5_2, allows remote authenticated. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity.

IBM XSS Multi Enterprise Integration Gateway B2B Advanced Communications
NVD
CVSS 3.0
5.4
EPSS
0.2%
CVE-2016-0341 HIGH This Week

IBM Multi-Enterprise Integration Gateway 1.0 through 1.0.0.1 and B2B Advanced Communications 1.0.0.2 through 1.0.0.4 do not require HTTPS, which might allow remote attackers to obtain sensitive. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

IBM Information Disclosure B2B Advanced Communications Multi Enterprise Integration Gateway
NVD
CVSS 3.0
7.5
EPSS
0.3%
CVE-2015-7445 MEDIUM This Month

IBM Multi-Enterprise Integration Gateway 1.0 through 1.0.0.1 and B2B Advanced Communications 1.x before 1.0.0.4, when guest access is configured, allow remote authenticated users to obtain sensitive. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

IBM Information Disclosure B2B Advanced Communications Multi Enterprise Integration Gateway
NVD
CVSS 3.0
4.3
EPSS
0.2%
EPSS 1% CVSS 6.5
MEDIUM PATCH This Month

IBM B2B Advanced Communications 1.0.0.0 and IBM Multi-Enterprise Integration Gateway 1.0.0.1 could allow a user to cause a denial of service due to the deserializing of untrusted serialized Java. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. This Deserialization of Untrusted Data vulnerability could allow attackers to execute arbitrary code through malicious serialized objects.

Java Denial Of Service Deserialization +3
NVD
EPSS 0% CVSS 5.4
MEDIUM PATCH This Month

IBM B2B Advanced Communications 1.0.0.0 and IBM Multi-Enterprise Integration Gateway 1.0.0.1 are vulnerable to cross-site scripting. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

XSS IBM B2B Advanced Communications +1
NVD
EPSS 0% CVSS 5.4
MEDIUM PATCH This Month

Cross-site scripting (XSS) vulnerability in IBM 10x, as used in Multi-Enterprise Integration Gateway 1.x through 1.0.0.1 and B2B Advanced Communications before 1.0.0.5_2, allows remote authenticated. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity.

IBM XSS Multi Enterprise Integration Gateway +1
NVD
EPSS 0% CVSS 7.5
HIGH This Week

IBM Multi-Enterprise Integration Gateway 1.0 through 1.0.0.1 and B2B Advanced Communications 1.0.0.2 through 1.0.0.4 do not require HTTPS, which might allow remote attackers to obtain sensitive. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

IBM Information Disclosure B2B Advanced Communications +1
NVD
EPSS 0% CVSS 4.3
MEDIUM This Month

IBM Multi-Enterprise Integration Gateway 1.0 through 1.0.0.1 and B2B Advanced Communications 1.x before 1.0.0.4, when guest access is configured, allow remote authenticated users to obtain sensitive. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

IBM Information Disclosure B2B Advanced Communications +1
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy