CVE-2025-2988 | THREATINT

Description

IBM Sterling B2B Integrator and IBM Sterling File Gateway 6.0.0.0 through 6.1.2.7, 6.2.0.0 through 6.2.0.4, and 6.2.1.0 could disclose sensitive server information to an unauthorized user that could aid in further attacks against the system.

PUBLISHED Reserved 2025-03-30 | Published 2025-08-19 | Updated 2025-08-19 | Assigner ibm

LOW: 2.7CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N

Problem types

CWE-497 Exposure of Sensitive System Information to an Unauthorized Control Sphere

Product status

Default status

unaffected

6.0.0.0

affected

6.2.0.0

affected

6.2.1.0

affected

Default status

unaffected

6.0.0.0

affected

6.2.0.0

affected

6.2.1.0

affected

References

www.ibm.com/support/pages/node/7242391 vendor-advisory patch

cve.org (CVE-2025-2988)

nvd.nist.gov (CVE-2025-2988)

Download JSON

help @ threatint.eu