CVE-2012-5766

Name of the Vulnerable Software and Affected Versions IBM Sterling B2B Integrator versions 5.1 through 5.2 IBM Sterling File Gateway versions 2.1 through 2.2

Description The issue involves multiple SQL injection vulnerabilities that allow remote authenticated users to execute arbitrary SQL commands. This is achieved through vectors involving the RNVisibility page and unspecified screens.

Recommendations For IBM Sterling B2B Integrator versions 5.1 through 5.2, consider restricting access to the RNVisibility page until a fix is available. For IBM Sterling File Gateway versions 2.1 through 2.2, avoid using unspecified screens that may be vulnerable to SQL injection attacks until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.