IBM Support

IC90483: Security Vulnerability: Information Disclosure (CVE-2013-0558)

Subscribe

You can track all active APARs for this component.

 

APAR status

  • Closed as program error.

Error description

  • Information Disclosure vulnerability is found in various areas
    of IBM Sterling B2B Integrator and IBM Sterling File Gateway. A
    remote attacker could exploit this vulnerability to gain insight
     into application implementation details to form further
    attacks.
    

Local fix

  • STRRTC - 366416
    BD / BD
    Circumvention: None
    

Problem summary

  • Users Affected:
    All Users.
    
    Problem Description:
    Information disclosure in IBM Sterling B2B Integrator and IBM
    Sterling File Gateway
    
    Platforms Affected:
    All platforms.
    

Problem conclusion

  • Resolution Summary:
    Security vulnerability has been resolved.
    
    Delivered In:
    5104_1
    5020401_3
    5010
    5020402
    

Temporary fix

Comments

APAR Information

  • APAR number

    IC90483

  • Reported component name

    STR B2B INTEGRA

  • Reported component ID

    5725D0600

  • Reported release

    522

  • Status

    CLOSED PER

  • PE

    NoPE

  • HIPER

    NoHIPER

  • Special Attention

    NoSpecatt

  • Submitted date

    2013-02-28

  • Closed date

    2013-03-21

  • Last modified date

    2013-12-06

  • APAR is sysrouted FROM one or more of the following:

  • APAR is sysrouted TO one or more of the following:

Fix information

  • Fixed component name

    STR B2B INTEGRA

  • Fixed component ID

    5725D0600

Applicable component levels

  • R524 PSY

       UP

[{"Business Unit":{"code":"BU059","label":"IBM Software w\/o TPS"},"Product":{"code":"SS3JSW","label":"IBM Sterling B2B Integrator"},"Component":"","ARM Category":[],"Platform":[{"code":"PF025","label":"Platform Independent"}],"Version":"5.2.2","Edition":"","Line of Business":{"code":"LOB59","label":"Sustainability Software"}}]

Document Information

Modified date:
06 December 2013