← Retour aux CVEs
CVE-2024-31903
HIGH8.8
Description
IBM Sterling B2B Integrator Standard Edition 6.0.0.0 through 6.1.2.5 and 6.2.0.0 through 6.2.0.2 allow an attacker on the local network to execute arbitrary code on the system, caused by the deserialization of untrusted data.
Details CVE
Score CVSS v3.18.8
SeveriteHIGH
Vecteur CVSSCVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Vecteur d'attaqueADJACENT_NETWORK
ComplexiteLOW
Privileges requisNONE
Interaction utilisateurNONE
Publie1/22/2025
Derniere modification3/5/2025
Sourcenvd
Observations honeypot0
Produits affectes
ibm:sterling_b2b_integrator
Faiblesses (CWE)
CWE-502
References
https://www.ibm.com/support/pages/node/7172233(psirt@us.ibm.com)
Correlations IOC
Aucune correlation enregistree
This product uses data from the NVD API but is not endorsed or certified by the NVD.