Vulnerability Description
IBM Sterling B2B Integrator Standard Edition 5.2.0.0 through 5.2.6.5_2, 6.0.0.0 through 6.0.3.2, and 6.1.0.0 could allow a remote attacker to execute arbitrary code on the system, caused by the deserialization of untrusted data. By sending specially crafted request, an attacker could exploit this vulnerability to execute arbitrary code with SYSTEM privileges. IBM X-Force ID: 172452.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Ibm | Sterling B2B Integrator | >= 5.2.0.0, <= 5.2.6.5_2 |
| Hp | Hp-Ux | - |
| Ibm | Aix | - |
| Ibm | I | - |
| Linux | Linux Kernel | - |
| Microsoft | Windows | - |
| Oracle | Solaris | - |
Related Weaknesses (CWE)
References
- https://exchange.xforce.ibmcloud.com/vulnerabilities/172452VDB EntryVendor Advisory
- https://www.ibm.com/support/pages/node/6396172Vendor Advisory
- https://exchange.xforce.ibmcloud.com/vulnerabilities/172452VDB EntryVendor Advisory
- https://www.ibm.com/support/pages/node/6396172Vendor Advisory
FAQ
What is CVE-2019-4728?
CVE-2019-4728 is a vulnerability with a CVSS score of 8.8 (HIGH). IBM Sterling B2B Integrator Standard Edition 5.2.0.0 through 5.2.6.5_2, 6.0.0.0 through 6.0.3.2, and 6.1.0.0 could allow a remote attacker to execute arbitrary code on the system, caused by the deseri...
How severe is CVE-2019-4728?
CVE-2019-4728 has been rated HIGH with a CVSS base score of 8.8/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2019-4728?
Check the references section above for vendor advisories and patch information. Affected products include: Ibm Sterling B2B Integrator, Hp Hp-Ux, Ibm Aix, Ibm I, Linux Linux Kernel.