Sign-up

ID

VAR-201307-0127


CVE

CVE-2013-0481


TITLE

IBM Sterling B2B Integrator and Sterling File Gateway Console trace stack vulnerability

Trust: 0.8

sources: JVNDB: JVNDB-2013-003199

DESCRIPTION

The console in IBM Sterling B2B Integrator 5.1 and 5.2 and Sterling File Gateway 2.1 and 2.2 allows remote attackers to read stack traces by triggering (1) an error or (2) an exception. Successful exploits will allow attackers to obtain sensitive information. This may aid in further attacks. IBM Sterling B2B Integrator 5.1 is vulnerable; other versions may also be affected. IBM Sterling File Gateway is a set of file transfer software that integrates different file transfer methods and can realize secure interaction through the network

Trust: 2.07

sources: NVD: CVE-2013-0481 // JVNDB: JVNDB-2013-003199 // BID: 58498 // VULHUB: VHN-60483 // VULMON: CVE-2013-0481

AFFECTED PRODUCTS

vendor:ibmmodel:sterling b2b integratorscope:eqversion:5.1

Trust: 2.7

vendor:ibmmodel:sterling b2b integratorscope:eqversion:5.2

Trust: 2.4

vendor:ibmmodel:sterling file gatewayscope:eqversion:2.1

Trust: 2.4

vendor:ibmmodel:sterling file gatewayscope:eqversion:2.2

Trust: 2.4

sources: BID: 58498 // JVNDB: JVNDB-2013-003199 // CNNVD: CNNVD-201303-373 // NVD: CVE-2013-0481

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2013-0481
value: MEDIUM

Trust: 1.0

NVD: CVE-2013-0481
value: MEDIUM

Trust: 0.8

CNNVD: CNNVD-201303-373
value: MEDIUM

Trust: 0.6

VULHUB: VHN-60483
value: MEDIUM

Trust: 0.1

VULMON: CVE-2013-0481
value: MEDIUM

Trust: 0.1

nvd@nist.gov: CVE-2013-0481
severity: MEDIUM
baseScore: 5.0
vectorString: AV:N/AC:L/AU:N/C:P/I:N/A:N
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: 10.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.9

VULHUB: VHN-60483
severity: MEDIUM
baseScore: 5.0
vectorString: AV:N/AC:L/AU:N/C:P/I:N/A:N
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: 10.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

sources: VULHUB: VHN-60483 // VULMON: CVE-2013-0481 // JVNDB: JVNDB-2013-003199 // CNNVD: CNNVD-201303-373 // NVD: CVE-2013-0481

PROBLEMTYPE DATA

problemtype:CWE-200

Trust: 1.9

sources: VULHUB: VHN-60483 // JVNDB: JVNDB-2013-003199 // NVD: CVE-2013-0481

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201303-373

TYPE

information disclosure

Trust: 0.6

sources: CNNVD: CNNVD-201303-373

CONFIGURATIONS

sources:
            
            
            JVNDB: JVNDB-2013-003199

PATCH
title:1640830url:http://www-01.ibm.com/support/docview.wss?uid=swg21640830
Trust: 0.8
title:1627986url:http://www-01.ibm.com/support/docview.wss?uid=swg21627986
Trust: 0.8
sources:
            
            
            JVNDB: JVNDB-2013-003199

EXTERNAL IDS
db:NVDid:CVE-2013-0481
Trust: 2.9
db:BIDid:58498
Trust: 1.0
db:JVNDBid:JVNDB-2013-003199
Trust: 0.8
db:CNNVDid:CNNVD-201303-373
Trust: 0.7
db:XFid:81546
Trust: 0.6
db:XFid:2
Trust: 0.6
db:VULHUBid:VHN-60483
Trust: 0.1
db:VULMONid:CVE-2013-0481
Trust: 0.1
sources:
            
            
            VULHUB: VHN-60483 // 
            
            
            
            VULMON: CVE-2013-0481 // 
            
            
            
            BID: 58498 // 
            
            
            
            JVNDB: JVNDB-2013-003199 // 
            
            
            
            CNNVD: CNNVD-201303-373 // 
            
            
            
            NVD: CVE-2013-0481

REFERENCES
url:http://www-01.ibm.com/support/docview.wss?uid=swg21627986
Trust: 1.8
url:http://www-01.ibm.com/support/docview.wss?uid=swg21640830
Trust: 1.8
url:https://exchange.xforce.ibmcloud.com/vulnerabilities/81546
Trust: 1.2
url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2013-0481
Trust: 0.8
url:http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2013-0481
Trust: 0.8
url:http://xforce.iss.net/xforce/xfdb/81546
Trust: 0.6
url:http://www.securityfocus.com/bid/58498
Trust: 0.6
url:http://www-01.ibm.com/software/commerce/b2b/products/b2b-integrator/
Trust: 0.3
url:https://www-304.ibm.com/support/docview.wss?uid=swg21627986
Trust: 0.3
url:https://cwe.mitre.org/data/definitions/200.html
Trust: 0.1
url:https://nvd.nist.gov
Trust: 0.1
sources:
            
            
            VULHUB: VHN-60483 // 
            
            
            
            VULMON: CVE-2013-0481 // 
            
            
            
            BID: 58498 // 
            
            
            
            JVNDB: JVNDB-2013-003199 // 
            
            
            
            CNNVD: CNNVD-201303-373 // 
            
            
            
            NVD: CVE-2013-0481

CREDITS
IBM
Trust: 0.9
sources:
            
            
            BID: 58498 // 
            
            
            
            CNNVD: CNNVD-201303-373

SOURCES
db:VULHUBid:VHN-60483
db:VULMONid:CVE-2013-0481
db:BIDid:58498
db:JVNDBid:JVNDB-2013-003199
db:CNNVDid:CNNVD-201303-373
db:NVDid:CVE-2013-0481

LAST UPDATE DATE
2024-08-14T12:27:30.481000+00:00

SOURCES UPDATE DATE
db:VULHUBid:VHN-60483date:2017-08-29T00:00:00
db:VULMONid:CVE-2013-0481date:2017-08-29T00:00:00
db:BIDid:58498date:2013-03-11T00:00:00
db:JVNDBid:JVNDB-2013-003199date:2013-07-04T00:00:00
db:CNNVDid:CNNVD-201303-373date:2013-07-04T00:00:00
db:NVDid:CVE-2013-0481date:2017-08-29T01:33:03.213

SOURCES RELEASE DATE
db:VULHUBid:VHN-60483date:2013-07-03T00:00:00
db:VULMONid:CVE-2013-0481date:2013-07-03T00:00:00
db:BIDid:58498date:2013-03-11T00:00:00
db:JVNDBid:JVNDB-2013-003199date:2013-07-04T00:00:00
db:CNNVDid:CNNVD-201303-373date:2013-03-19T00:00:00
db:NVDid:CVE-2013-0481date:2013-07-03T13:54:31.020