CVE-2025-1348 Vulnerability Analysis & Exploit Details

CVE-2025-1348 Vulnerability Summary

CVE-2025-1348: IBM Sterling B2B Integrator and IBM Sterling File Gateway 6.0.0.0 through 6.1.2.6 and 6.2.0.0 through 6.2.0.4 could allow a local user to obtain sensitive information from a user’s web browser cache due to not using a suitable caching policy.

CVE-2025-1348 References

External References

• https://www.ibm.com/support/pages/node/7237068

CWE Common Weakness Enumeration

CAPEC Common Attack Pattern Enumeration and Classification

• Retrieve Embedded Sensitive Data CAPEC-37 An attacker examines a target system to find sensitive data that has been embedded within it. This information can reveal confidential contents, such as account numbers or individual keys/credentials that can be used as an intermediate step in a larger attack.

Vulnerable Configurations

• cpe:2.3:a:ibm:sterling_b2b_integrator:6.0.0.0:*:*:*:*:*:*:*
  cpe:2.3:a:ibm:sterling_b2b_integrator:6.0.0.0:*:*:*:*:*:*:*
• cpe:2.3:a:ibm:sterling_b2b_integrator:6.0.0.0:*:*:*:standard:*:*:*
  cpe:2.3:a:ibm:sterling_b2b_integrator:6.0.0.0:*:*:*:standard:*:*:*
• cpe:2.3:a:ibm:sterling_b2b_integrator:6.0.0.1:*:*:*:*:*:*:*
  cpe:2.3:a:ibm:sterling_b2b_integrator:6.0.0.1:*:*:*:*:*:*:*
• cpe:2.3:a:ibm:sterling_b2b_integrator:6.0.0.1:*:*:*:standard:*:*:*
  cpe:2.3:a:ibm:sterling_b2b_integrator:6.0.0.1:*:*:*:standard:*:*:*
• cpe:2.3:a:ibm:sterling_b2b_integrator:6.0.2.0:*:*:*:standard:*:*:*
  cpe:2.3:a:ibm:sterling_b2b_integrator:6.0.2.0:*:*:*:standard:*:*:*
• cpe:2.3:a:ibm:sterling_b2b_integrator:6.0.2.2:*:*:*:standard:*:*:*
  cpe:2.3:a:ibm:sterling_b2b_integrator:6.0.2.2:*:*:*:standard:*:*:*
• cpe:2.3:a:ibm:sterling_b2b_integrator:6.0.3.0:*:*:*:standard:*:*:*
  cpe:2.3:a:ibm:sterling_b2b_integrator:6.0.3.0:*:*:*:standard:*:*:*
• cpe:2.3:a:ibm:sterling_b2b_integrator:6.0.3.1:*:*:*:*:*:*:*
  cpe:2.3:a:ibm:sterling_b2b_integrator:6.0.3.1:*:*:*:*:*:*:*
• cpe:2.3:a:ibm:sterling_b2b_integrator:6.0.3.1:*:*:*:standard:*:*:*
  cpe:2.3:a:ibm:sterling_b2b_integrator:6.0.3.1:*:*:*:standard:*:*:*
• cpe:2.3:a:ibm:sterling_b2b_integrator:6.0.3.2:*:*:*:standard:*:*:*
  cpe:2.3:a:ibm:sterling_b2b_integrator:6.0.3.2:*:*:*:standard:*:*:*
• cpe:2.3:a:ibm:sterling_b2b_integrator:6.0.3.5:*:*:*:*:*:*:*
  cpe:2.3:a:ibm:sterling_b2b_integrator:6.0.3.5:*:*:*:*:*:*:*
• cpe:2.3:a:ibm:sterling_b2b_integrator:6.0.3.5:*:*:*:standard:*:*:*
  cpe:2.3:a:ibm:sterling_b2b_integrator:6.0.3.5:*:*:*:standard:*:*:*
• cpe:2.3:a:ibm:sterling_b2b_integrator:6.0.3.6:*:*:*:*:*:*:*
  cpe:2.3:a:ibm:sterling_b2b_integrator:6.0.3.6:*:*:*:*:*:*:*
• cpe:2.3:a:ibm:sterling_b2b_integrator:6.0.3.6:*:*:*:standard:*:*:*
  cpe:2.3:a:ibm:sterling_b2b_integrator:6.0.3.6:*:*:*:standard:*:*:*
• cpe:2.3:a:ibm:sterling_b2b_integrator:6.0.3.7:*:*:*:standard:*:*:*
  cpe:2.3:a:ibm:sterling_b2b_integrator:6.0.3.7:*:*:*:standard:*:*:*
• cpe:2.3:a:ibm:sterling_b2b_integrator:6.0.3.8:*:*:*:standard:*:*:*
  cpe:2.3:a:ibm:sterling_b2b_integrator:6.0.3.8:*:*:*:standard:*:*:*
• cpe:2.3:a:ibm:sterling_b2b_integrator:6.0.3.9:*:*:*:*:*:*:*
  cpe:2.3:a:ibm:sterling_b2b_integrator:6.0.3.9:*:*:*:*:*:*:*
• cpe:2.3:a:ibm:sterling_b2b_integrator:6.0.3.9:*:*:*:standard:*:*:*
  cpe:2.3:a:ibm:sterling_b2b_integrator:6.0.3.9:*:*:*:standard:*:*:*
• cpe:2.3:a:ibm:sterling_b2b_integrator:6.1:*:*:*:standard:*:*:*
  cpe:2.3:a:ibm:sterling_b2b_integrator:6.1:*:*:*:standard:*:*:*
• cpe:2.3:a:ibm:sterling_b2b_integrator:6.1.0.0:*:*:*:standard:*:*:*
  cpe:2.3:a:ibm:sterling_b2b_integrator:6.1.0.0:*:*:*:standard:*:*:*
• cpe:2.3:a:ibm:sterling_b2b_integrator:6.1.0.4:*:*:*:standard:*:*:*
  cpe:2.3:a:ibm:sterling_b2b_integrator:6.1.0.4:*:*:*:standard:*:*:*
• cpe:2.3:a:ibm:sterling_b2b_integrator:6.1.0.5:*:*:*:standard:*:*:*
  cpe:2.3:a:ibm:sterling_b2b_integrator:6.1.0.5:*:*:*:standard:*:*:*
• cpe:2.3:a:ibm:sterling_b2b_integrator:6.1.0.6:*:*:*:standard:*:*:*
  cpe:2.3:a:ibm:sterling_b2b_integrator:6.1.0.6:*:*:*:standard:*:*:*
• cpe:2.3:a:ibm:sterling_b2b_integrator:6.1.1.0:*:*:*:standard:*:*:*
  cpe:2.3:a:ibm:sterling_b2b_integrator:6.1.1.0:*:*:*:standard:*:*:*
• cpe:2.3:a:ibm:sterling_b2b_integrator:6.1.1.1:*:*:*:*:*:*:*
  cpe:2.3:a:ibm:sterling_b2b_integrator:6.1.1.1:*:*:*:*:*:*:*
• cpe:2.3:a:ibm:sterling_b2b_integrator:6.1.1.1:*:*:*:standard:*:*:*
  cpe:2.3:a:ibm:sterling_b2b_integrator:6.1.1.1:*:*:*:standard:*:*:*
• cpe:2.3:a:ibm:sterling_b2b_integrator:6.1.1.2:*:*:*:standard:*:*:*
  cpe:2.3:a:ibm:sterling_b2b_integrator:6.1.1.2:*:*:*:standard:*:*:*
• cpe:2.3:a:ibm:sterling_b2b_integrator:6.1.1.3:*:*:*:standard:*:*:*
  cpe:2.3:a:ibm:sterling_b2b_integrator:6.1.1.3:*:*:*:standard:*:*:*
• cpe:2.3:a:ibm:sterling_b2b_integrator:6.1.2.0:*:*:*:standard:*:*:*
  cpe:2.3:a:ibm:sterling_b2b_integrator:6.1.2.0:*:*:*:standard:*:*:*
• cpe:2.3:a:ibm:sterling_b2b_integrator:6.1.2.1:*:*:*:standard:*:*:*
  cpe:2.3:a:ibm:sterling_b2b_integrator:6.1.2.1:*:*:*:standard:*:*:*
• cpe:2.3:a:ibm:sterling_b2b_integrator:6.1.2.2:*:*:*:standard:*:*:*
  cpe:2.3:a:ibm:sterling_b2b_integrator:6.1.2.2:*:*:*:standard:*:*:*
• cpe:2.3:a:ibm:sterling_b2b_integrator:6.1.2.3:*:*:*:*:*:*:*
  cpe:2.3:a:ibm:sterling_b2b_integrator:6.1.2.3:*:*:*:*:*:*:*
• cpe:2.3:a:ibm:sterling_b2b_integrator:6.1.2.3:*:*:*:standard:*:*:*
  cpe:2.3:a:ibm:sterling_b2b_integrator:6.1.2.3:*:*:*:standard:*:*:*
• cpe:2.3:a:ibm:sterling_b2b_integrator:6.2:*:*:*:standard:*:*:*
  cpe:2.3:a:ibm:sterling_b2b_integrator:6.2:*:*:*:standard:*:*:*
• cpe:2.3:a:ibm:sterling_b2b_integrator:6.2.0.2:*:*:*:standard:*:*:*
  cpe:2.3:a:ibm:sterling_b2b_integrator:6.2.0.2:*:*:*:standard:*:*:*
• cpe:2.3:a:ibm:sterling_file_gateway:6.0.0.0:*:*:*:*:*:*:*
  cpe:2.3:a:ibm:sterling_file_gateway:6.0.0.0:*:*:*:*:*:*:*
• cpe:2.3:a:ibm:sterling_file_gateway:6.0.0.1:*:*:*:*:*:*:*
  cpe:2.3:a:ibm:sterling_file_gateway:6.0.0.1:*:*:*:*:*:*:*
• cpe:2.3:a:ibm:sterling_file_gateway:6.0.0.2:*:*:*:*:*:*:*
  cpe:2.3:a:ibm:sterling_file_gateway:6.0.0.2:*:*:*:*:*:*:*
• cpe:2.3:a:ibm:sterling_file_gateway:6.0.0.3:*:*:*:*:*:*:*
  cpe:2.3:a:ibm:sterling_file_gateway:6.0.0.3:*:*:*:*:*:*:*
• cpe:2.3:a:ibm:sterling_file_gateway:6.0.0.4:*:*:*:*:*:*:*
  cpe:2.3:a:ibm:sterling_file_gateway:6.0.0.4:*:*:*:*:*:*:*
• cpe:2.3:a:ibm:sterling_file_gateway:6.0.1.0:*:*:*:*:*:*:*
  cpe:2.3:a:ibm:sterling_file_gateway:6.0.1.0:*:*:*:*:*:*:*
• cpe:2.3:a:ibm:sterling_file_gateway:6.0.1.1:*:*:*:*:*:*:*
  cpe:2.3:a:ibm:sterling_file_gateway:6.0.1.1:*:*:*:*:*:*:*
• cpe:2.3:a:ibm:sterling_file_gateway:6.0.1.2:*:*:*:*:*:*:*
  cpe:2.3:a:ibm:sterling_file_gateway:6.0.1.2:*:*:*:*:*:*:*
• cpe:2.3:a:ibm:sterling_file_gateway:6.0.2.0:*:*:*:*:*:*:*
  cpe:2.3:a:ibm:sterling_file_gateway:6.0.2.0:*:*:*:*:*:*:*
• cpe:2.3:a:ibm:sterling_file_gateway:6.0.2.1:*:*:*:*:*:*:*
  cpe:2.3:a:ibm:sterling_file_gateway:6.0.2.1:*:*:*:*:*:*:*
• cpe:2.3:a:ibm:sterling_file_gateway:6.0.2.2:*:*:*:*:*:*:*
  cpe:2.3:a:ibm:sterling_file_gateway:6.0.2.2:*:*:*:*:*:*:*
• cpe:2.3:a:ibm:sterling_file_gateway:6.0.3.0:*:*:*:*:*:*:*
  cpe:2.3:a:ibm:sterling_file_gateway:6.0.3.0:*:*:*:*:*:*:*
• cpe:2.3:a:ibm:sterling_file_gateway:6.0.3.1:*:*:*:*:*:*:*
  cpe:2.3:a:ibm:sterling_file_gateway:6.0.3.1:*:*:*:*:*:*:*
• cpe:2.3:a:ibm:sterling_file_gateway:6.0.3.2:*:*:*:*:*:*:*
  cpe:2.3:a:ibm:sterling_file_gateway:6.0.3.2:*:*:*:*:*:*:*
• cpe:2.3:a:ibm:sterling_file_gateway:6.0.3.4:*:*:*:*:*:*:*
  cpe:2.3:a:ibm:sterling_file_gateway:6.0.3.4:*:*:*:*:*:*:*
• cpe:2.3:a:ibm:sterling_file_gateway:6.0.3.5:*:*:*:*:*:*:*
  cpe:2.3:a:ibm:sterling_file_gateway:6.0.3.5:*:*:*:*:*:*:*
• cpe:2.3:a:ibm:sterling_file_gateway:6.0.3.6:*:*:*:*:*:*:*
  cpe:2.3:a:ibm:sterling_file_gateway:6.0.3.6:*:*:*:*:*:*:*
• cpe:2.3:a:ibm:sterling_file_gateway:6.0.3.9:*:*:*:*:*:*:*
  cpe:2.3:a:ibm:sterling_file_gateway:6.0.3.9:*:*:*:*:*:*:*
• cpe:2.3:a:ibm:sterling_file_gateway:6.1.0.0:*:*:*:*:*:*:*
  cpe:2.3:a:ibm:sterling_file_gateway:6.1.0.0:*:*:*:*:*:*:*
• cpe:2.3:a:ibm:sterling_file_gateway:6.1.0.1:*:*:*:*:*:*:*
  cpe:2.3:a:ibm:sterling_file_gateway:6.1.0.1:*:*:*:*:*:*:*
• cpe:2.3:a:ibm:sterling_file_gateway:6.1.0.2:*:*:*:*:*:*:*
  cpe:2.3:a:ibm:sterling_file_gateway:6.1.0.2:*:*:*:*:*:*:*
• cpe:2.3:a:ibm:sterling_file_gateway:6.1.0.4:*:*:*:*:*:*:*
  cpe:2.3:a:ibm:sterling_file_gateway:6.1.0.4:*:*:*:*:*:*:*
• cpe:2.3:a:ibm:sterling_file_gateway:6.1.0.5:*:*:*:*:*:*:*
  cpe:2.3:a:ibm:sterling_file_gateway:6.1.0.5:*:*:*:*:*:*:*
• cpe:2.3:a:ibm:sterling_file_gateway:6.1.1.0:*:*:*:*:*:*:*
  cpe:2.3:a:ibm:sterling_file_gateway:6.1.1.0:*:*:*:*:*:*:*
• cpe:2.3:a:ibm:sterling_file_gateway:6.1.1.1:*:*:*:*:*:*:*
  cpe:2.3:a:ibm:sterling_file_gateway:6.1.1.1:*:*:*:*:*:*:*
• cpe:2.3:a:ibm:sterling_file_gateway:6.1.1.2:*:*:*:*:*:*:*
  cpe:2.3:a:ibm:sterling_file_gateway:6.1.1.2:*:*:*:*:*:*:*
• cpe:2.3:a:ibm:sterling_file_gateway:6.1.1.3:*:*:*:*:*:*:*
  cpe:2.3:a:ibm:sterling_file_gateway:6.1.1.3:*:*:*:*:*:*:*
• cpe:2.3:a:ibm:sterling_file_gateway:6.1.1.4:*:*:*:*:*:*:*
  cpe:2.3:a:ibm:sterling_file_gateway:6.1.1.4:*:*:*:*:*:*:*
• cpe:2.3:a:ibm:sterling_file_gateway:6.1.2.0:*:*:*:*:*:*:*
  cpe:2.3:a:ibm:sterling_file_gateway:6.1.2.0:*:*:*:*:*:*:*
• cpe:2.3:a:ibm:sterling_file_gateway:6.1.2.1:*:*:*:*:*:*:*
  cpe:2.3:a:ibm:sterling_file_gateway:6.1.2.1:*:*:*:*:*:*:*
• cpe:2.3:a:ibm:sterling_file_gateway:6.1.2.3:*:*:*:*:*:*:*
  cpe:2.3:a:ibm:sterling_file_gateway:6.1.2.3:*:*:*:*:*:*:*
• cpe:2.3:a:ibm:sterling_file_gateway:6.1.2.4:*:*:*:*:*:*:*
  cpe:2.3:a:ibm:sterling_file_gateway:6.1.2.4:*:*:*:*:*:*:*
• cpe:2.3:a:ibm:sterling_file_gateway:6.1.2.5:*:*:*:*:*:*:*
  cpe:2.3:a:ibm:sterling_file_gateway:6.1.2.5:*:*:*:*:*:*:*
• cpe:2.3:a:ibm:sterling_file_gateway:6.1.2.6:*:*:*:*:*:*:*
  cpe:2.3:a:ibm:sterling_file_gateway:6.1.2.6:*:*:*:*:*:*:*
• cpe:2.3:a:ibm:sterling_file_gateway:6.2.0.0:*:*:*:*:*:*:*
  cpe:2.3:a:ibm:sterling_file_gateway:6.2.0.0:*:*:*:*:*:*:*
• cpe:2.3:a:ibm:sterling_file_gateway:6.2.0.1:*:*:*:*:*:*:*
  cpe:2.3:a:ibm:sterling_file_gateway:6.2.0.1:*:*:*:*:*:*:*
• cpe:2.3:a:ibm:sterling_file_gateway:6.2.0.2:*:*:*:*:*:*:*
  cpe:2.3:a:ibm:sterling_file_gateway:6.2.0.2:*:*:*:*:*:*:*
• cpe:2.3:a:ibm:sterling_file_gateway:6.2.0.3:*:*:*:*:*:*:*
  cpe:2.3:a:ibm:sterling_file_gateway:6.2.0.3:*:*:*:*:*:*:*
• cpe:2.3:a:ibm:sterling_file_gateway:6.2.0.4:*:*:*:*:*:*:*
  cpe:2.3:a:ibm:sterling_file_gateway:6.2.0.4:*:*:*:*:*:*:*
• cpe:2.3:o:ibm:aix:-:*:*:*:*:*:*:*
  cpe:2.3:o:ibm:aix:-:*:*:*:*:*:*:*
• cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*
  cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*
• cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*
  cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*

Other 5 Recently Published CVEs Vulnerabilities

• CVE-2025-52390 – Saurus CMS Community Edition since commit d886e5b0 (2010-04-23) is vulnerable to a SQL Injection vulnerability in the `prepareSearchQuery()` method...
• CVE-2025-52361 – Insecure permissions in the script /etc/init.d/lighttpd in AK-Nord USB-Server-LXL Firmware v0.0.16 Build 2023-03-13 allows a locally authenticated ...
• CVE-2025-52327 – SQL Injection vulnerability in Restaurant Order System 1.0 allows a local attacker to obtain sensitive information via the payment.php file
• CVE-2025-50472 – The modelscope/ms-swift library thru 2.6.1 is vulnerable to arbitrary code execution through deserialization of untrusted data within the `load_mod...
• CVE-2025-50460 – A remote code execution (RCE) vulnerability exists in the ms-swift project version 3.3.0 due to unsafe deserialization in tests/run.py using yaml.l...