Integration News
IBM Sterling B2B Integrator is affected by vulnerability in JDOM
IBM Sterling B2B Integrator uses JDOM.
Vulnerability Details
CVEID: CVE-2021-33813
Description: JDOM is vulnerable to a denial of service, caused by an XXE issue in SAXBuilder. By sending a specially-crafted HTTP request, a remote attacker could exploit this vulnerability to cause the a denial of service.
CVSS Base score: 5.3
CVSS Temporal Score: Click here.
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)
Affected Products and Versions
Remediation/Fixes
The IIM versions of 6.0.3.9, 6.1.0.8, 6.1.1.4, and 6.1.2.3 are available on Fix Central. The IIM version of 6.2.0.0 is available on Passport Advantage
The container version of 6.1.0.8, 6.1.1.4, 6.1.2.3 and 6.2.0.0 are available in IBM Entitled Registry.
Workarounds and Mitigations
None.
Haga clic en el siguiente botón para descargar este boletín en formato Pdf.
