
CVE-2024-31903

CVE-2024-31903 PUBLISHED CVSS 8.8 HIGH

IBM Sterling B2B Integrator Standard Edition 6.0.0.0 through 6.1.2.5 and 6.2.0.0 through 6.2.0.2 allow an attacker on the local network to execute arbitrary code on the system, caused by the deserialization of untrusted data.

EPSS 18.19% · 95.3th percentile

Risk Scores

CVSS 3.1
8.8
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
EPSS Score
18.19%
95.3th percentile

Affected Products

Vendor | Product | Versions
ibm | sterling_b2b_integrator | 6.2.0.0, 6.0.0.0
IBM | Sterling B2B Integrator Standard Edition | 6.0.0.0, 6.2.0.0

Timeline

  • Oct 11, 2024 CVE Published
  • Jan 22, 2025 PoC Published
  • Jan 22, 2025 PoC Published
  • Jan 22, 2025 PoC Published
  • Jan 22, 2025 PoC Published
  • Jan 23, 2025 EPSS Score
  • Feb 2, 2025 Coalition ESS Score
  • Feb 22, 2025 EPSS Score
  • Mar 13, 2025 Coalition ESS Score
  • Mar 17, 2025 EPSS Score
  • Mar 19, 2025 EPSS Score
  • Mar 21, 2025 EPSS Score