CVE-2025-4897 — Vulnetix

CVE-2025-4897 PUBLISHED CVSS 7.5 HIGH

IBM Sterling B2B Integrator and and IBM Sterling File Gateway 6.1.0.0 through 6.1.2.7_2, 6.2.0.0 through 6.2.0.5_1, 6.2.1.0 through 6.2.1.1_1, and 6.2.2.0 could allow an unauthenticated attacker to send a specially crafted request that causes the application to crash.

EPSS 1.03% · 77.7th percentile

Risk Scores

CVSS 3.1

7.5

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

EPSS Score

1.03%

77.7th percentile

Affected Products

Vendor	Product	Versions
IBM	Sterling B2B Integrator	6.1.0.0, 6.2.0.0, 6.2.1.0

Exploit Intelligence

https://www.ibm.com/support/pages/node/7266520 (circl)
CIRCL seen: CVE-2025-14031 (circl-sighting)
CIRCL seen: CVE-2025-14031 (circl-sighting)
https://github.com/byxs0x0/cve2/blob/main/tenda%20AC15.md (cve.org)
csi_rules.yara (github-yara)
csi_rules.yara (github-yara)
csi_rules.yara (github-yara)
csi_rules.yara (github-yara)
csi_rules.yara (github-yara)

Timeline

Jun 28, 2021 PoC Published
May 18, 2025 CVE Published
May 19, 2025 EPSS Score
May 19, 2025 CVE Updated
May 30, 2025 EPSS Score
Jun 10, 2025 EPSS Score
Jun 22, 2025 EPSS Score
Jul 3, 2025 EPSS Score
Jul 14, 2025 EPSS Score
Jul 25, 2025 EPSS Score
Aug 6, 2025 EPSS Score
Aug 17, 2025 EPSS Score

References

https://www.ibm.com/support/pages/node/7266518 advisory
https://www.ibm.com/support/pages/node/7263574 advisory
https://www.ibm.com/support/pages/node/7266520 advisory
https://www.ibm.com/support/pages/node/7266678 advisory
https://www.ibm.com/support/pages/node/7266497 advisory
https://www.ibm.com/support/pages/node/7266324 advisory
https://www.ibm.com/support/pages/node/7266711 advisory
https://www.ibm.com/support/pages/node/7266677 advisory
https://www.ibm.com/support/pages/node/7266399 advisory
https://www.ibm.com/support/pages/node/7266321 advisory

Open in Interactive Console →