CVE-2013-0539

Name of the Vulnerable Software and Affected Versions IBM Sterling B2B Integrator versions 5.1 through 5.2 IBM Sterling File Gateway versions 2.1 through 2.2

Description The issue allows remote attackers to hijack sessions and obtain sensitive information via a brute-force attack, due to the use of short session ID values in an unspecified third-party component.

Recommendations For IBM Sterling B2B Integrator versions 5.1 through 5.2, consider implementing additional session security measures to prevent brute-force attacks. For IBM Sterling File Gateway versions 2.1 through 2.2, restrict access to sensitive information until a more secure session management system is implemented. At the moment, there is no information about a newer version that contains a fix for this vulnerability.