← Volver a CVEs
CVE-2024-31903
HIGH8.8
Descripcion
IBM Sterling B2B Integrator Standard Edition 6.0.0.0 through 6.1.2.5 and 6.2.0.0 through 6.2.0.2 allow an attacker on the local network to execute arbitrary code on the system, caused by the deserialization of untrusted data.
Detalles CVE
Puntuacion CVSS v3.18.8
SeveridadHIGH
Vector CVSSCVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Vector de ataqueADJACENT_NETWORK
ComplejidadLOW
Privilegios requeridosNONE
Interaccion usuarioNONE
Publicado1/22/2025
Ultima modificacion3/5/2025
Fuentenvd
Avistamientos honeypot0
Productos afectados
ibm:sterling_b2b_integrator
Debilidades (CWE)
CWE-502
Referencias
https://www.ibm.com/support/pages/node/7172233(psirt@us.ibm.com)
Correlaciones IOC
Sin correlaciones registradas
This product uses data from the NVD API but is not endorsed or certified by the NVD.