CNNVD-202506-2544 Information

Jun 18, 2025 cve

CNNVD ID

CNNVD-202506-2544

CVE-2024-54172

  • CNNVD Published: 2025-06-18

Description (Chinese)

IBM Sterling B2B Integrator是美国国际商业机器(IBM)公司的一套集成了重要的B2B流程、交易和关系的软件。该软件支持与不同的合作伙伴社区之间实现复杂的B2B流程的安全集成。IBM Sterling File Gateway是美国国际商业机器(IBM)公司的一套文件传输软件。该软件可整合不同的文件传输活动中心,并帮助基于文件的数据通过因特网实现安全交换。是 IBM Sterling B2B Integrator和IBM Sterling File Gateway 6.0.0.0至6.1.2.6版本和6.2.0.0至6.2.0.4版本存在跨站请求伪造漏洞,该漏洞源于容易受到跨站请求伪造攻击。

Description (English)

IBM Sterling B2B Integrator is a set of software for the United States International Business Machine (IBM) that brings together important B2B processes, transactions and relationships. The software supports the safe integration of complex B2B processes with different partner communities. IBM Sterling File Gateway is a file transfer software package for IBM. The software integrates different document transfer activity centres and helps secure the exchange of document-based data via the Internet. Yes. IBM Sterling B2B Integrator and IBM Sterling File Gateway, versions 6.0.0 to 6.1.2.6 and 6.2.0.0 to 6.2.2.4, have a false gap in cross-site requests, which stems from their vulnerability to cross-site requests for false attacks.

Hazard Level

High

Vulnerability Type

跨站请求伪造

Affected Vendor

国际商业机器

Published

2025-06-18

Last Modified

2026-02-24

References

https://www.ibm.com/support/pages/node/7237059

Patch

https://www.ibm.com/support/pages/node/7237059

Share on: