IBM Sterling B2B Integrator and IBM Sterling File Gateway information...

3.7 / 10

LOW

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N

Description

IBM Sterling B2B Integrator and IBM Sterling File Gateway 6.0.0.0 through 6.1.2.7 and 6.2.0.0 through 6.2.0.5 and 6.2.1.1 could disclose sensitive information due to a missing or insecure SameSite attribute for a sensitive cookie.

Basic Information

ID CVE-2025-36134

Source ibm

Published Nov 25, 2025 at 14:40

Modified Nov 25, 2025 at 14:49

Affected Product

Vendor IBM

Product Sterling B2B Integrator

Version 6.0.0.0

Affected Versions IBM Sterling B2B Integrator 6.0.0.0
IBM Sterling B2B Integrator 6.2.0.0
IBM Sterling B2B Integrator 6.2.1.1
IBM Sterling File Gateway 6.0.0.0
IBM Sterling File Gateway 6.2.0.0
IBM Sterling File Gateway 6.2.1.1

CWE Classification

CWE-1275

References

www.ibm.com /support/pages/node/7252210

{
    "lastseen": "",
    "description": "IBM Sterling B2B Integrator and IBM Sterling File Gateway 6.0.0.0 through 6.1.2.7 and 6.2.0.0 through 6.2.0.5 and 6.2.1.1\u00a0could disclose sensitive information due to a missing or insecure SameSite attribute for a sensitive cookie.",
    "published": "2025-11-25T14:40:55.959Z",
    "modified": "2025-11-25T14:49:21.608Z",
    "type": "cve",
    "title": "IBM Sterling B2B Integrator and IBM Sterling File Gateway information disclosure",
    "source": "ibm",
    "references": "https://www.ibm.com/support/pages/node/7252210",
    "id": "CVE-2025-36134",
    "bulletinFamily": "",
    "cwe": [
        "CWE-1275"
    ],
    "cvelist": null,
    "sourceData": "IBM Sterling B2B Integrator 6.0.0.0\nIBM Sterling B2B Integrator 6.2.0.0\nIBM Sterling B2B Integrator 6.2.1.1\nIBM Sterling File Gateway 6.0.0.0\nIBM Sterling File Gateway 6.2.0.0\nIBM Sterling File Gateway 6.2.1.1",
    "sourceHref": "",
    "cvss": {
        "score": 3.7,
        "severity": "LOW",
        "vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N",
        "version": "3.1"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "Sterling B2B Integrator",
    "version": "6.0.0.0",
    "vendor": "IBM",
    "ai_description": "",
    "ai_severity": "",
    "ai_vendor": "",
    "ai_product": "",
    "ai_version": "",
    "ai_score": 0
}

IBM Sterling B2B Integrator and IBM Sterling File Gateway information disclosure_CVE-2025-36134