IBM Multi-Enterprise Integration Gateway 1.0 through 1.0.0.1 and B2B Advanced Communications 1.0.0.2 through 1.0.0.4 do not require HTTPS, which might allow remote attackers to obtain sensitive information by sniffing the network.
http://www-01.ibm.com/support/docview.wss?uid=swg21981462
http://www-01.ibm.com/support/docview.wss?uid=swg1IT14835
Source: Mitre, NVD
Published: 2016-05-15
Updated: 2026-05-06
Base Score: 5
Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N
Severity: Medium
Base Score: 7.5
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Severity: High
EPSS: 0.00267