CVE-2025-2988

📊 2.7 LOW⚡ 0.0%🎯 0 exploits

📅 Published Aug 19, 2025

📋 Status: Analyzed

IBM Sterling B2B Integrator and IBM Sterling File Gateway 6.0.0.0 through 6.1.2.7, 6.2.0.0 through 6.2.0.4, and 6.2.1.0 could disclose sensitive server information to an unauthorized user that could aid in further attacks against the system.

CVSS v3.1 • [email protected]

🎯 Affected Products & Systems

6 product configurations affected

Filter by type:

Type	Vendor	Product	Version Range	Status	CPE String
📱App	ibm	sterling b2b integrator	≥ 6.0.0.0 ∧ < 6.1.2.7_1	Vulnerable	cpe:2.3:a:ibm:sterling_b2b_integrator::::::::
📱App	ibm	sterling b2b integrator	≥ 6.2.0.0 ∧ < 6.2.0.5	Vulnerable	cpe:2.3:a:ibm:sterling_b2b_integrator::::::::
📱App	ibm	sterling b2b integrator	6.2.1.0	Vulnerable	cpe:2.3:a:ibm:sterling_b2b_integrator:6.2.1.0:::::::*
📱App	ibm	sterling file gateway	≥ 6.0.0.0 ∧ < 6.1.2.7_1	Vulnerable	cpe:2.3:a:ibm:sterling_file_gateway::::::::
📱App	ibm	sterling file gateway	≥ 6.2.0.0 ∧ < 6.2.0.5	Vulnerable	cpe:2.3:a:ibm:sterling_file_gateway::::::::
📱App	ibm	sterling file gateway	6.2.1.0	Vulnerable	cpe:2.3:a:ibm:sterling_file_gateway:6.2.1.0:::::::*

📱

ibm / sterling b2b integrator

Application

Vulnerable

Version: ≥ 6.0.0.0 ∧ < 6.1.2.7_1

CPE:

cpe:2.3:a:ibm:sterling_b2b_integrator:*:*:*:*:*:*:*:*

📱

ibm / sterling b2b integrator

Application

Vulnerable

Version: ≥ 6.2.0.0 ∧ < 6.2.0.5

CPE:

cpe:2.3:a:ibm:sterling_b2b_integrator:*:*:*:*:*:*:*:*

📱

ibm / sterling b2b integrator

Application

Vulnerable

Version: 6.2.1.0

CPE:

cpe:2.3:a:ibm:sterling_b2b_integrator:6.2.1.0:*:*:*:*:*:*:*

📱

ibm / sterling file gateway

Application

Vulnerable

Version: ≥ 6.0.0.0 ∧ < 6.1.2.7_1

CPE:

cpe:2.3:a:ibm:sterling_file_gateway:*:*:*:*:*:*:*:*

📱

ibm / sterling file gateway

Application

Vulnerable

Version: ≥ 6.2.0.0 ∧ < 6.2.0.5

CPE:

cpe:2.3:a:ibm:sterling_file_gateway:*:*:*:*:*:*:*:*

📱

ibm / sterling file gateway

Application

Vulnerable

Version: 6.2.1.0

CPE:

cpe:2.3:a:ibm:sterling_file_gateway:6.2.1.0:*:*:*:*:*:*:*

6 products•scroll for more

Metrics

2.7 LOWCVSS v3.1[email protected]

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N

Attack Vector:

NETWORK

Complexity:

LOW

Privileges:

HIGH

User Interaction:

NONE

Confidentiality:

LOW

Integrity:

NONE

Availability:

NONE

Scope:

UNCHANGED

🔍 Technical Details

Analysis Status

Analyzed

CVSS Details

2.7 (LOW)v3.1

Source: [email protected]

EPSS Details

0.0% (Minimal)10.8th percentile

Last updated: Oct 31, 2025

Exploitation probability within 30 days

Published Date

Aug 19, 2025 (2 months ago)

Last Modified

Sep 17, 2025 (1 month ago)

Security Weaknesses1

CWE-497

References2

NVDgeneral