CVE-2025-36112

IBM Sterling B2B Integrator and IBM Sterling File Gateway 6.0.0.0 through 6.1.2.7 and 6.2.0.0 through 6.2.0.5 and 6.2.1.1 could reveal sensitive server IP configuration information to an unauthorized user.

CVSS v3 5.3 MEDIUM

5.3^/10

CVSS v3 : MEDIUM

Vector :

Exploitability : 3.9 / Impact : 1.4

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact LOW

Integrity Impact NONE

Availability Impact NONE

Scope UNCHANGED

References

Link	Resource
https://www.ibm.com/support/pages/node/7252197	Vendor Advisory

Configurations

Configuration 1 (hide)

OR	cpe:2.3:a:ibm:sterling_b2b_integrator::::::::
	cpe:2.3:a:ibm:sterling_b2b_integrator::::::::
	cpe:2.3:a:ibm:sterling_b2b_integrator:6.2.1.1:::::::*
	cpe:2.3:a:ibm:sterling_file_gateway::::::::
	cpe:2.3:a:ibm:sterling_file_gateway::::::::
	cpe:2.3:a:ibm:sterling_file_gateway:6.2.1.1:::::::*

History

01 Dec 2025, 16:05

Type	Values Removed	Values Added
CPE		cpe:2.3:a:ibm:sterling_b2b_integrator:::::::: cpe:2.3:a:ibm:sterling_b2b_integrator:6.2.1.1:::::::* cpe:2.3:a:ibm:sterling_file_gateway:6.2.1.1:::::::* cpe:2.3:a:ibm:sterling_file_gateway::::::::
First Time		Ibm Ibm sterling File Gateway Ibm sterling B2b Integrator
References	~~() https://www.ibm.com/support/pages/node/7252197 -~~	() https://www.ibm.com/support/pages/node/7252197 - Vendor Advisory

24 Nov 2025, 19:15

Type	Values Removed	Values Added
New CVE

Information

Published : 2025-11-24 19:15

Updated : 2025-12-01 16:05

NVD link : CVE-2025-36112

Mitre link : CVE-2025-36112

CVE.ORG link : CVE-2025-36112

JSON object : View

Products Affected

ibm

sterling_b2b_integrator
sterling_file_gateway

CWE

CWE-497

Exposure of Sensitive System Information to an Unauthorized Control Sphere

{"id": "CVE-2025-36112", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Primary", "source": "psirt@us.ibm.com", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 5.3, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "LOW"}, "impactScore": 1.4, "exploitabilityScore": 3.9}]}, "published": "2025-11-24T19:15:48.283", "references": [{"url": "https://www.ibm.com/support/pages/node/7252197", "tags": ["Vendor Advisory"], "source": "psirt@us.ibm.com"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "psirt@us.ibm.com", "description": [{"lang": "en", "value": "CWE-497"}]}], "descriptions": [{"lang": "en", "value": "IBM Sterling B2B Integrator and IBM Sterling File Gateway 6.0.0.0 through 6.1.2.7 and 6.2.0.0 through 6.2.0.5 and 6.2.1.1\u00a0could reveal sensitive server IP configuration information to an unauthorized user."}], "lastModified": "2025-12-01T16:05:56.670", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:ibm:sterling_b2b_integrator:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "AE818255-FEE2-453A-8230-81986F93954E", "versionEndExcluding": "6.1.2.7_2", "versionStartIncluding": "6.0.0.0"}, {"criteria": "cpe:2.3:a:ibm:sterling_b2b_integrator:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "5E7BD82C-7A6C-44C3-BE64-FFF75700EED1", "versionEndExcluding": "6.2.0.5_1", "versionStartIncluding": "6.2.0.0"}, {"criteria": "cpe:2.3:a:ibm:sterling_b2b_integrator:6.2.1.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C4ACC673-C9A9-4149-821E-5A60603141DD"}, {"criteria": "cpe:2.3:a:ibm:sterling_file_gateway:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "2831DF62-E968-4B8F-A4DA-E0752F9B5D9B", "versionEndExcluding": "6.1.2.7_2", "versionStartIncluding": "6.0.0.0"}, {"criteria": "cpe:2.3:a:ibm:sterling_file_gateway:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "6CF6DF92-A6D4-4FBB-8662-5BE9D814D911", "versionEndExcluding": "6.2.0.5_1", "versionStartIncluding": "6.2.0.0"}, {"criteria": "cpe:2.3:a:ibm:sterling_file_gateway:6.2.1.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "1B08AE6F-BE1D-4353-BD4A-259284624BCB"}], "operator": "OR"}]}], "sourceIdentifier": "psirt@us.ibm.com"}