CVE-2023-50316

Name of the Vulnerable Software and Affected Versions IBM Sterling B2B Integrator versions 6.0.0.0 through 6.1.2.5 IBM Sterling B2B Integrator versions 6.2.0.0 through 6.2.0.1

Description The issue is related to the lack of protection against SQL injection attacks. A remote attacker could send specially crafted SQL statements to view, add, modify, or delete information in the back-end database. This could allow the attacker to gain unauthorized access to data.

Recommendations For IBM Sterling B2B Integrator versions 6.0.0.0 through 6.1.2.5, update to a version that includes the fix for this issue. For IBM Sterling B2B Integrator versions 6.2.0.0 through 6.2.0.1, update to a version that includes the fix for this issue. As a temporary workaround, consider restricting access to the SQL database to minimize the risk of exploitation.