ID

VAR-201307-0295


CVE

CVE-2013-0567


TITLE

IBM Sterling B2B Integrator and Sterling File Gateway Vulnerability in which important information is obtained

Trust: 0.8

sources: JVNDB: JVNDB-2013-003203

DESCRIPTION

IBM Sterling B2B Integrator 5.1 and 5.2 and Sterling File Gateway 2.1 and 2.2 allow remote authenticated users to obtain sensitive information about application implementation via unspecified vectors, a different vulnerability than CVE-2013-0463, CVE-2013-2985, CVE-2013-2987, CVE-2013-3020, CVE-2013-0568, and CVE-2013-0475. Attackers can exploit this issue to obtain sensitive information that may aid in further attacks. IBM Sterling B2B Integrator is a set of software that integrates B2B processes, transactions and relationships of different partner communities

Trust: 1.98

sources: NVD: CVE-2013-0567 // JVNDB: JVNDB-2013-003203 // BID: 60994 // VULHUB: VHN-60569

AFFECTED PRODUCTS

vendor:ibmmodel:sterling file gatewayscope:eqversion:2.2

Trust: 2.7

vendor:ibmmodel:sterling file gatewayscope:eqversion:2.1

Trust: 2.7

vendor:ibmmodel:sterling b2b integratorscope:eqversion:5.1

Trust: 2.4

vendor:ibmmodel:sterling b2b integratorscope:eqversion:5.2

Trust: 2.4

sources: BID: 60994 // JVNDB: JVNDB-2013-003203 // CNNVD: CNNVD-201307-057 // NVD: CVE-2013-0567

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2013-0567
value: MEDIUM

Trust: 1.0

NVD: CVE-2013-0567
value: MEDIUM

Trust: 0.8

CNNVD: CNNVD-201307-057
value: MEDIUM

Trust: 0.6

VULHUB: VHN-60569
value: MEDIUM

Trust: 0.1

nvd@nist.gov: CVE-2013-0567
severity: MEDIUM
baseScore: 4.0
vectorString: AV:N/AC:L/AU:S/C:P/I:N/A:N
accessVector: NETWORK
accessComplexity: LOW
authentication: SINGLE
confidentialityImpact: PARTIAL
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: 8.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

VULHUB: VHN-60569
severity: MEDIUM
baseScore: 4.0
vectorString: AV:N/AC:L/AU:S/C:P/I:N/A:N
accessVector: NETWORK
accessComplexity: LOW
authentication: SINGLE
confidentialityImpact: PARTIAL
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: 8.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

sources: VULHUB: VHN-60569 // JVNDB: JVNDB-2013-003203 // CNNVD: CNNVD-201307-057 // NVD: CVE-2013-0567

PROBLEMTYPE DATA

problemtype:CWE-200

Trust: 1.9

sources: VULHUB: VHN-60569 // JVNDB: JVNDB-2013-003203 // NVD: CVE-2013-0567

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201307-057

TYPE

information disclosure

Trust: 0.6

sources: CNNVD: CNNVD-201307-057

CONFIGURATIONS

[
  {
    "CVE_data_version": "4.0",
    "nodes": [
      {
        "operator": "OR",
        "cpe_match": [
          {
            "vulnerable": true,
            "cpe22Uri": "cpe:/a:ibm:sterling_b2b_integrator"
          },
          {
            "vulnerable": true,
            "cpe22Uri": "cpe:/a:ibm:sterling_file_gateway"
          }
        ]
      }
    ]
  }
]

sources: JVNDB: JVNDB-2013-003203

PATCH

title:IC91151url:http://www-01.ibm.com/support/docview.wss?uid=swg1IC91151

Trust: 0.8

title:1640830url:http://www-01.ibm.com/support/docview.wss?uid=swg21640830

Trust: 0.8

sources: JVNDB: JVNDB-2013-003203

EXTERNAL IDS

db:NVDid:CVE-2013-0567

Trust: 2.8

db:JVNDBid:JVNDB-2013-003203

Trust: 0.8

db:CNNVDid:CNNVD-201307-057

Trust: 0.7

db:XFid:83164

Trust: 0.6

db:XFid:2

Trust: 0.6

db:AIXAPARid:IC91151

Trust: 0.6

db:BIDid:60994

Trust: 0.4

db:VULHUBid:VHN-60569

Trust: 0.1

sources: VULHUB: VHN-60569 // BID: 60994 // JVNDB: JVNDB-2013-003203 // CNNVD: CNNVD-201307-057 // NVD: CVE-2013-0567

REFERENCES

url:http://www-01.ibm.com/support/docview.wss?uid=swg21640830

Trust: 2.0

url:http://www-01.ibm.com/support/docview.wss?uid=swg1ic91151

Trust: 1.7

url:https://exchange.xforce.ibmcloud.com/vulnerabilities/83164

Trust: 1.1

url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2013-0567

Trust: 0.8

url:http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2013-0567

Trust: 0.8

url:http://xforce.iss.net/xforce/xfdb/83164

Trust: 0.6

url:http://www-03.ibm.com/software/products/us/en/file-gateway/

Trust: 0.3

sources: VULHUB: VHN-60569 // BID: 60994 // JVNDB: JVNDB-2013-003203 // CNNVD: CNNVD-201307-057 // NVD: CVE-2013-0567

CREDITS

IBM

Trust: 0.3

sources: BID: 60994

SOURCES

db:VULHUBid:VHN-60569
db:BIDid:60994
db:JVNDBid:JVNDB-2013-003203
db:CNNVDid:CNNVD-201307-057
db:NVDid:CVE-2013-0567

LAST UPDATE DATE

2024-08-14T12:39:04.712000+00:00


SOURCES UPDATE DATE

db:VULHUBid:VHN-60569date:2017-08-29T00:00:00
db:BIDid:60994date:2013-07-01T00:00:00
db:JVNDBid:JVNDB-2013-003203date:2013-10-24T00:00:00
db:CNNVDid:CNNVD-201307-057date:2013-07-04T00:00:00
db:NVDid:CVE-2013-0567date:2017-08-29T01:33:06.620

SOURCES RELEASE DATE

db:VULHUBid:VHN-60569date:2013-07-03T00:00:00
db:BIDid:60994date:2013-07-01T00:00:00
db:JVNDBid:JVNDB-2013-003203date:2013-07-04T00:00:00
db:CNNVDid:CNNVD-201307-057date:2013-07-04T00:00:00
db:NVDid:CVE-2013-0567date:2013-07-03T13:54:31.057