CVE-2025-1348

Published Jun 18, 2025

Last updated 24 days ago

CVSS medium 4.0

Overview

Description
IBM Sterling B2B Integrator and IBM Sterling File Gateway 6.0.0.0 through 6.1.2.6 and 6.2.0.0 through 6.2.0.4 could allow a local user to obtain sensitive information from a user’s web browser cache due to not using a suitable caching policy.
Source
psirt@us.ibm.com
NVD status
Awaiting Analysis

Risk scores

CVSS 3.1

Type
Primary
Base score
4
Impact score
1.4
Exploitability score
2.5
Vector string
CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
Severity
MEDIUM

Weaknesses

psirt@us.ibm.com
CWE-525

Social media

Hype score
Not currently trending

  1. CVE-2025-1348 Sensitive Information Disclosure in IBM Sterling B2B Integrator and File Gateway https://t.co/0dKz5KwRYi

    @VulmonFeeds

    18 Jun 2025

    16 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

References

Sources include official advisories and independent security research.