CVE-2013-0539

high

Description

An unspecified third-party component in IBM Sterling B2B Integrator 5.1 and 5.2 and Sterling File Gateway 2.1 and 2.2 uses short session ID values, which makes it easier for remote attackers to hijack sessions, and consequently obtain sensitive information, via a brute-force attack.

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/82916

http://www-01.ibm.com/support/docview.wss?uid=swg21640830

http://www-01.ibm.com/support/docview.wss?uid=swg1IC92007

Details

Source: Mitre, NVD

Published: 2013-07-03

Updated: 2026-06-16

Risk Information

CVSS v2

Base Score: 5

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N

Severity: Medium

CVSS v3

Base Score: 7.5

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Severity: High

EPSS

EPSS: 0.00275