CVE-2020-4566

Name of the Vulnerable Software and Affected Versions IBM Sterling B2B Integrator Standard Edition versions 5.2.6.0 through 5.2.6.5 IBM Sterling B2B Integrator Standard Edition versions 6.0.0.0 through 6.0.3.2

Description The issue concerns the storage of potentially highly sensitive information in log files by IBM Sterling B2B Integrator Standard Edition. This information could be accessed by an authenticated user.

Recommendations For versions 5.2.6.0 through 5.2.6.5, consider restricting access to log files to minimize the risk of sensitive information exposure. For versions 6.0.0.0 through 6.0.3.2, consider implementing additional access controls to log files to prevent unauthorized access. As a temporary workaround, consider disabling log file access for authenticated users until a patch is available.