CNNVD-202601-3212 Information
CNNVD ID
CNNVD-202601-3212
Related CVE
- CNNVD Published: 2026-01-20
Description (Chinese)
IBM Sterling Connect:Express Adapter for Sterling是美国国际商业机器(IBM)公司的一个通信适配器。 IBM Sterling Connect:Express Adapter for Sterling B2B Integrator 5.2.0.00版本至5.2.0.12版本存在授权问题漏洞,该漏洞源于使用后未禁止会话ID,可能导致经过身份验证的用户冒充系统上的其他用户。
Description (English)
IBM Sterling Connect: Express Adapter for Sterling is a communications adapter for the United States International Business Machine (IBM). The IBM Sterling Contact: Express Adapter for Sterling B2B Integrator 5.2.0.00 to 5.2.0.12 has a bug in the delegation of authority, which stems from the fact that, after use, session ID is not banned and may lead to other users of the identity-verified system.
Hazard Level
High
Vulnerability Type
授权问题
Affected Vendor
国际商业机器
Published
2026-01-20
Last Modified
2026-02-24
References
https://www.ibm.com/support/pages/node/7257244
Patch
https://www.ibm.com/support/pages/node/7257244
Share on: