CVE-2025-33014

Medium CVSS 5.4

Overview

IBM Sterling B2B Integrator and IBM Sterling File Gateway 6.0.0.0 through 6.1.2.7 and 6.2.0.0 through 6.2.0.4 uses a web link with untrusted references to an external site. A remote attacker could exploit this vulnerability to expose sensitive information or perform unauthorized actions on the victims’ web browser.

CWE: CWE-1022 Published: 2025-07-18T19:15:22.830

Risk analysis

This vulnerability is rated 🟡 MEDIUM.

CVSS: 5.4 (MEDIUM)
Detected tags: info_leak (tag impact: LOW)

Recommended actions:

Reduce verbose errors, remove debug endpoints, minimize PII in logs.

Overview

Recommended tools

Tags