Home

CVE-2014-6146

Description

IBM Sterling B2B Integrator 5.2.x through 5.2.4, when the Connect:Direct Server Adapter is configured, does not properly process the logging configuration, which allows local users to obtain sensitive information by reading log files.

Risk Information

Base Score
5.3
MODERATE
Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C
EPSS Score
Exploitation Probability
0.061

Associated Vulnerability

VulnerabilityOS Platform
Multiple Vulnerabilities are affected in IBM Sterling B2B Integrator 5.2.4Windows
Vulnerabilities CVE-2014-6146,CVE-2014-6199,CVE-2016-6020,CVE-2017-1496 are affected in IBM Sterling B2B Integrator 5.2.1Windows
Vulnerabilities CVE-2014-6146,CVE-2014-6199,CVE-2016-6020,CVE-2017-1496 are affected in IBM Sterling B2B Integrator 5.2.2Windows

Patch Details

No records found

References

https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234