IBM Sterling Integrator 5.1 before 5010004_8 and Sterling B2B Integrator 5.2 before 5020500_9 allow remote authenticated users to read or upload files by leveraging a password-change requirement.
References
Link | Resource |
---|---|
http://www-01.ibm.com/support/docview.wss?uid=swg21967781 | Vendor Advisory |
http://www-01.ibm.com/support/docview.wss?uid=swg1IT11008 | Vendor Advisory |
Configurations
Configuration 1 (hide)
|
Information
Published : 2015-11-08 14:59
Updated : 2015-11-09 12:11
NVD link : CVE-2015-5019
Mitre link : CVE-2015-5019
JSON object : View
CWE
CWE-264
Permissions, Privileges, and Access Controls
Products Affected
ibm
- sterling_integrator
- sterling_b2b_integrator