Security Bulletin: Vulnerability in IBM® Sterling B2B Integrator can lead to ability to execute OS commands from CLA2 server without authentication (CVE-2012-5937).
IBM PSIRT 270004PFE3 firstname.lastname@example.org | | Tags:  psirthigh psirtindustry
0 Comments | 370 Visits
A security vulnerability exists in the Sterling B2B Integrator CLA2 server which permits an unauthenticated user to execute arbitrary OS commands.
Affected product(s) & Affected version(s):
Gentran Integration Suite 4.3
Sterling Integrator 5.0
Sterling Integrator 5.1
Sterling B2B Integrator 5.2
Sterling File Gateway 1.1
Sterling File Gateway 2.0
Sterling File Gateway 2.1
IBM® Sterling File Gateway 2.2
Refer to the following reference URLs for remediation and additional vulnerability details.