Details of VAR-201307-0292

ID

VAR-201307-0292

CVE

CVE-2013-0558

TITLE

IBM Sterling B2B Integrator and Sterling File Gateway Vulnerability in which important information is obtained

Trust: 0.8

sources: JVNDB: JVNDB-2013-003201

DESCRIPTION

IBM Sterling B2B Integrator 5.1 and 5.2 and Sterling File Gateway 2.1 and 2.2 allow remote attackers to obtain sensitive information about application implementation via unspecified vectors. Multiple IBM products are prone to an unspecified information-disclosure vulnerability. Attackers can exploit this issue to obtain sensitive information that may aid in further attacks. IBM Sterling File Gateway is a set of file transfer software that integrates different file transfer methods and can realize secure interaction through the network

Trust: 2.07

sources: NVD: CVE-2013-0558 // JVNDB: JVNDB-2013-003201 // BID: 60986 // VULHUB: VHN-60560 // VULMON: CVE-2013-0558

AFFECTED PRODUCTS

vendor:	ibm	model:	sterling file gateway	scope:	eq	version:	2.2	Trust: 2.7
vendor:	ibm	model:	sterling file gateway	scope:	eq	version:	2.1	Trust: 2.7
vendor:	ibm	model:	sterling b2b integrator	scope:	eq	version:	5.2	Trust: 2.7
vendor:	ibm	model:	sterling b2b integrator	scope:	eq	version:	5.1	Trust: 2.7

sources: BID: 60986 // JVNDB: JVNDB-2013-003201 // CNNVD: CNNVD-201307-055 // NVD: CVE-2013-0558

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2013-0558
value:	MEDIUM
Trust: 1.0
NVD:	CVE-2013-0558
value:	MEDIUM
Trust: 0.8
CNNVD:	CNNVD-201307-055
value:	MEDIUM
Trust: 0.6
VULHUB:	VHN-60560
value:	MEDIUM
Trust: 0.1
VULMON:	CVE-2013-0558
value:	MEDIUM
Trust: 0.1

nvd@nist.gov:	CVE-2013-0558
severity:	MEDIUM
baseScore:	5.0
vectorString:	AV:N/AC:L/AU:N/C:P/I:N/A:N
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	NONE
availabilityImpact:	NONE
exploitabilityScore:	10.0
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.9
VULHUB:	VHN-60560
severity:	MEDIUM
baseScore:	5.0
vectorString:	AV:N/AC:L/AU:N/C:P/I:N/A:N
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	NONE
availabilityImpact:	NONE
exploitabilityScore:	10.0
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

sources: VULHUB: VHN-60560 // VULMON: CVE-2013-0558 // JVNDB: JVNDB-2013-003201 // CNNVD: CNNVD-201307-055 // NVD: CVE-2013-0558

PROBLEMTYPE DATA

problemtype:

CWE-200

Trust: 1.9

sources: VULHUB: VHN-60560 // JVNDB: JVNDB-2013-003201 // NVD: CVE-2013-0558

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201307-055

TYPE

information disclosure

Trust: 0.6

sources: CNNVD: CNNVD-201307-055

CONFIGURATIONS

sources: JVNDB: JVNDB-2013-003201

PATCH

title:	IC90483	url:	http://www-01.ibm.com/support/docview.wss?uid=swg1IC90483	Trust: 0.8
title:	1640830	url:	http://www-01.ibm.com/support/docview.wss?uid=swg21640830	Trust: 0.8
title:	si_52_build_5020401_hotfix_3	url:	http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=46369	Trust: 0.6

sources: JVNDB: JVNDB-2013-003201 // CNNVD: CNNVD-201307-055

EXTERNAL IDS

db:	NVD	id:	CVE-2013-0558	Trust: 2.9
db:	JVNDB	id:	JVNDB-2013-003201	Trust: 0.8
db:	CNNVD	id:	CNNVD-201307-055	Trust: 0.7
db:	XF	id:	83006	Trust: 0.6
db:	XF	id:	2	Trust: 0.6
db:	AIXAPAR	id:	IC90483	Trust: 0.6
db:	BID	id:	60986	Trust: 0.5
db:	VULHUB	id:	VHN-60560	Trust: 0.1
db:	VULMON	id:	CVE-2013-0558	Trust: 0.1

sources: VULHUB: VHN-60560 // VULMON: CVE-2013-0558 // BID: 60986 // JVNDB: JVNDB-2013-003201 // CNNVD: CNNVD-201307-055 // NVD: CVE-2013-0558

REFERENCES

url:	http://www-01.ibm.com/support/docview.wss?uid=swg21640830	Trust: 2.1
url:	http://www-01.ibm.com/support/docview.wss?uid=swg1ic90483	Trust: 1.8
url:	https://exchange.xforce.ibmcloud.com/vulnerabilities/83006	Trust: 1.2
url:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2013-0558	Trust: 0.8
url:	http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2013-0558	Trust: 0.8
url:	http://xforce.iss.net/xforce/xfdb/83006	Trust: 0.6
url:	http://www-03.ibm.com/software/products/us/en/file-gateway/	Trust: 0.3
url:	http://www-01.ibm.com/software/commerce/b2b/products/b2b-integrator/	Trust: 0.3
url:	https://cwe.mitre.org/data/definitions/200.html	Trust: 0.1
url:	https://nvd.nist.gov	Trust: 0.1
url:	https://www.securityfocus.com/bid/60986	Trust: 0.1

sources: VULHUB: VHN-60560 // VULMON: CVE-2013-0558 // BID: 60986 // JVNDB: JVNDB-2013-003201 // CNNVD: CNNVD-201307-055 // NVD: CVE-2013-0558

CREDITS

IBM

Trust: 0.3

sources: BID: 60986

SOURCES

db:	VULHUB	id:	VHN-60560
db:	VULMON	id:	CVE-2013-0558
db:	BID	id:	60986
db:	JVNDB	id:	JVNDB-2013-003201
db:	CNNVD	id:	CNNVD-201307-055
db:	NVD	id:	CVE-2013-0558

LAST UPDATE DATE

2024-08-14T13:01:34.606000+00:00

SOURCES UPDATE DATE

db:	VULHUB	id:	VHN-60560	date:	2017-08-29T00:00:00
db:	VULMON	id:	CVE-2013-0558	date:	2017-08-29T00:00:00
db:	BID	id:	60986	date:	2013-07-01T00:00:00
db:	JVNDB	id:	JVNDB-2013-003201	date:	2013-07-04T00:00:00
db:	CNNVD	id:	CNNVD-201307-055	date:	2013-07-04T00:00:00
db:	NVD	id:	CVE-2013-0558	date:	2017-08-29T01:33:06.357

SOURCES RELEASE DATE

db:	VULHUB	id:	VHN-60560	date:	2013-07-03T00:00:00
db:	VULMON	id:	CVE-2013-0558	date:	2013-07-03T00:00:00
db:	BID	id:	60986	date:	2013-07-01T00:00:00
db:	JVNDB	id:	JVNDB-2013-003201	date:	2013-07-04T00:00:00
db:	CNNVD	id:	CNNVD-201307-055	date:	2013-07-04T00:00:00
db:	NVD	id:	CVE-2013-0558	date:	2013-07-03T13:54:31.040