CVE-2016-0210

Severity CVSS v4.0:
Pending analysis
Type:
CWE-200 Information Leak / Disclosure
Publication date:
08/02/2017
Last modified:
20/04/2025

Description

IBM Sterling B2B Integrator Standard Edition could allow a remote attacker to obtain sensitive information. By allowing HTTP OPTIONS method, a remote attacker could send a specially-crafted query to a vulnerable server running to cause the server to disclose sensitive information in the HTTP response.

Vulnerable products and versions

CPE From Up to
cpe:2.3:a:ibm:sterling_b2b_integrator:5.1:*:*:*:*:*:*:*
cpe:2.3:a:ibm:sterling_b2b_integrator:5.2:*:*:*:*:*:*:*