IBM Sterling B2B Integrator and IBM Sterling File Gateway link...

5.4 / 10

MEDIUM

CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N

Description

IBM Sterling B2B Integrator and IBM Sterling File Gateway 6.0.0.0 through 6.1.2.7 and 6.2.0.0 through 6.2.0.4 uses a web link with untrusted references to an external site. A remote attacker could exploit this vulnerability to expose sensitive information or perform unauthorized actions on the victims’ web browser.

Basic Information

ID CVE-2025-33014

Source ibm

Published Jul 18, 2025 at 18:51

Modified Jul 22, 2025 at 14:52

Affected Product

Vendor IBM

Product Sterling B2B Integrator

Version 6.0.0.0

Affected Versions IBM Sterling B2B Integrator 6.0.0.0
IBM Sterling B2B Integrator 6.2.0.0
IBM Sterling File Gateway 6.0.0.0
IBM Sterling File Gateway 6.2.0.0

CWE Classification

CWE-1022

References

www.ibm.com /support/pages/node/7240065

{
    "lastseen": "",
    "description": "IBM Sterling B2B Integrator and IBM Sterling File Gateway 6.0.0.0 through 6.1.2.7 and 6.2.0.0 through 6.2.0.4\u00a0uses a web link with untrusted references to an external site. A remote attacker could exploit this vulnerability to expose sensitive information or perform unauthorized actions on the victims\u2019 web browser.",
    "published": "2025-07-18T18:51:05.486Z",
    "modified": "2025-07-22T14:52:03.687Z",
    "type": "cve",
    "title": "IBM Sterling B2B Integrator and IBM Sterling File Gateway link injection",
    "source": "ibm",
    "references": "https://www.ibm.com/support/pages/node/7240065",
    "id": "CVE-2025-33014",
    "bulletinFamily": "",
    "cwe": [
        "CWE-1022"
    ],
    "cvelist": null,
    "sourceData": "IBM Sterling B2B Integrator 6.0.0.0\nIBM Sterling B2B Integrator 6.2.0.0\nIBM Sterling File Gateway 6.0.0.0\nIBM Sterling File Gateway 6.2.0.0",
    "sourceHref": "",
    "cvss": {
        "score": 5.4,
        "severity": "MEDIUM",
        "vector": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
        "version": "3.1"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "Sterling B2B Integrator",
    "version": "6.0.0.0",
    "vendor": "IBM",
    "ai_description": "",
    "ai_severity": "",
    "ai_vendor": "",
    "ai_product": "",
    "ai_version": "",
    "ai_score": 0
}

IBM Sterling B2B Integrator and IBM Sterling File Gateway link injection_CVE-2025-33014