CVE-2021-29837

8.8 HIGH

📋 TL;DR

This CSRF vulnerability in IBM Sterling B2B Integrator allows attackers to trick authenticated users into performing unauthorized actions by causing their browsers to send forged requests to the application. It affects IBM Sterling B2B Integrator Standard Edition versions 5.2.0.0 through 6.1.1.0. The vulnerability could lead to data manipulation, configuration changes, or other malicious activities.

💻 Affected Systems

Products:
  • IBM Sterling B2B Integrator Standard Edition
Versions: 5.2.0.0 through 6.1.1.0
Operating Systems: All supported platforms
Default Config Vulnerable: ⚠️ Yes
Notes: Affects all deployments of the specified versions regardless of configuration.

📦 What is this software?

⚠️ Risk & Real-World Impact

🔴 Worst Case

Complete compromise of the B2B integration platform allowing data exfiltration, system configuration changes, or disruption of business-to-business transactions.

🟠 Likely Case

Unauthorized data access or modification, configuration changes affecting business processes, or privilege escalation within the application.

🟢 If Mitigated

Limited impact with proper CSRF protections and user awareness, potentially no successful exploitation.

🌐 Internet-Facing: HIGH
🏢 Internal Only: MEDIUM

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ✅ No
Complexity: LOW

Exploitation requires tricking an authenticated user into visiting a malicious page while logged into the application.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Apply interim fix or upgrade to version 6.1.1.1 or later

Vendor Advisory: https://www.ibm.com/support/pages/node/6495907

Restart Required: Yes

Instructions:

1. Download the appropriate fix from IBM Fix Central.
2. Apply the interim fix following IBM's installation instructions.
3. Restart the IBM Sterling B2B Integrator service.
4. Verify the fix is applied correctly.

🔧 Temporary Workarounds

Implement CSRF Tokens (applies to: all)

Add anti-CSRF tokens to all state-changing requests

SameSite Cookie Attribute (applies to: all)

Set SameSite=Strict or Lax attributes on session cookies
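The two workarounds above are usually applied in a filtering layer (reverse proxy or WSGI middleware) placed in front of a product you cannot modify. The following is an added illustration, not code from IBM or from this advisory, of how such a layer enforces both: state-changing methods must carry an Origin or Referer matching the application's own origin, must present a per-session anti-CSRF token, and the session cookie is re-issued with SameSite. The origin `https://b2b.example.internal`, the cookie name `SESSIONID`, the form field `csrf_token` and the signing secret are all constructed placeholders.

```python
import hashlib
import hmac
from http.cookies import SimpleCookie
from urllib.parse import urlsplit

ALLOWED_ORIGIN = "https://b2b.example.internal"   # constructed: the app's own origin
STATE_CHANGING = {"POST", "PUT", "PATCH", "DELETE"}
SECRET = b"constructed-secret-rotate-in-production"  # constructed placeholder


def issue_token(session_id: str) -> str:
    """Synchronizer token bound to the session via HMAC, so a token captured
    from one session is useless in another."""
    return hmac.new(SECRET, session_id.encode(), hashlib.sha256).hexdigest()


def check_origin(headers: dict) -> bool:
    """Accept only requests whose Origin (or, failing that, Referer) matches
    the application's origin.  A state-changing request carrying neither
    header is rejected rather than waved through."""
    origin = headers.get("Origin")
    if origin is None:
        referer = headers.get("Referer")
        if referer is None:
            return False
        parts = urlsplit(referer)
        origin = f"{parts.scheme}://{parts.netloc}"
    return origin == ALLOWED_ORIGIN


def is_csrf_safe(method: str, headers: dict, form: dict) -> tuple:
    """Decide whether a request may reach the application.
    Returns (allowed, reason) so callers can log the rejection reason."""
    if method.upper() not in STATE_CHANGING:
        return True, "safe method"          # GET/HEAD/OPTIONS are not checked
    if not check_origin(headers):
        return False, "origin/referer mismatch"
    cookie = SimpleCookie(headers.get("Cookie", ""))
    session = cookie["SESSIONID"].value if "SESSIONID" in cookie else None
    if session is None:
        return False, "no session"
    token = form.get("csrf_token", "")
    # constant-time comparison avoids leaking how many leading bytes matched
    if not hmac.compare_digest(token, issue_token(session)):
        return False, "bad token"
    return True, "ok"


def session_cookie_header(session_id: str) -> str:
    """Set-Cookie value the proxy uses when re-issuing the session cookie.
    SameSite=Lax stops browsers attaching it to cross-site POSTs, which is
    the second workaround listed above."""
    return f"SESSIONID={session_id}; Path=/; Secure; HttpOnly; SameSite=Lax"


if __name__ == "__main__":
    forged = {"Origin": "https://attacker.example", "Cookie": "SESSIONID=abc123"}
    print(is_csrf_safe("POST", forged, {}))                      # rejected on origin
    legit = {"Origin": ALLOWED_ORIGIN, "Cookie": "SESSIONID=abc123"}
    print(is_csrf_safe("POST", legit, {"csrf_token": issue_token("abc123")}))
```

Both checks are kept because neither alone is complete: Origin/Referer can be absent on some legitimate requests from older clients or privacy extensions, and the token check only works for requests that pass through pages the proxy was able to inject the token into. `SameSite=Lax` is chosen over `Strict` here because `Strict` would also drop the cookie on top-level navigations arriving from legitimate partner portals, which is disruptive for a B2B integration front end.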

🧯 If You Can't Patch

  • Implement web application firewall rules to detect and block CSRF attempts
  • Educate users about CSRF risks and safe browsing practices

🔍 How to Verify

Check if Vulnerable:

Check the IBM Sterling B2B Integrator version via the admin console or configuration files

Check Version:

Check the version in the application's admin interface or configuration files

Verify Fix Applied:

Verify the applied fix version in the admin console or check for CSRF protection headers in requests

📡 Detection & Monitoring

Log Indicators:

  • Unexpected configuration changes
  • Unauthorized actions from authenticated users
  • Multiple failed state-changing requests

Network Indicators:

  • Requests without proper referrer headers
  • State-changing requests from unexpected sources

SIEM Query:

source="sterling-b2b" AND (action="modify" OR action="delete" OR action="create") AND referrer NOT CONTAINS "expected-domain"
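For teams without a SIEM that speaks the query dialect above, the same logic can be run directly over exported application logs. The following is an added example (not part of the advisory, and not an IBM log format): it assumes constructed key="value" log lines, the constructed expected host `b2b.example.internal`, and flags state-changing actions whose referrer host is not the application's own. It goes slightly beyond the query above in two ways that matter in practice: a missing referrer (the Network Indicator listed above) is flagged rather than ignored, and the host is compared exactly instead of with a substring match, so a lookalike such as `b2b.example.internal.attacker.example` is still caught.

```python
import re
from urllib.parse import urlsplit

EXPECTED_DOMAIN = "b2b.example.internal"      # constructed: the app's own host
STATE_ACTIONS = {"modify", "delete", "create"}

# Constructed sample log, one event per line; "-" marks an absent referrer.
SAMPLE_LOG = """\
2024-01-01T10:00:00Z source="sterling-b2b" user="alice" action="view" referrer="https://b2b.example.internal/admin"
2024-01-01T10:00:05Z source="sterling-b2b" user="alice" action="modify" referrer="https://b2b.example.internal/admin/users"
2024-01-01T10:01:00Z source="sterling-b2b" user="bob" action="delete" referrer="https://attacker.example/lure.html"
2024-01-01T10:01:30Z source="sterling-b2b" user="carol" action="create" referrer="-"
2024-01-01T10:02:00Z source="other-app" user="dave" action="delete" referrer="https://attacker.example/"
2024-01-01T10:02:30Z source="sterling-b2b" user="eve" action="modify" referrer="https://b2b.example.internal.attacker.example/"
"""

KV = re.compile(r'(\w+)="([^"]*)"')


def parse_line(line: str) -> dict:
    """Split a line into a timestamp plus the quoted key="value" fields."""
    ts, _, rest = line.partition(" ")
    fields = dict(KV.findall(rest))
    fields["timestamp"] = ts
    return fields


def referrer_host(ref: str) -> str:
    """Host part of the referrer; empty for '-' or a bare path."""
    return urlsplit(ref).netloc.lower()


def is_suspicious(event: dict) -> bool:
    """Mirror the SIEM query: source filter, state-changing action, and a
    referrer host that is not the application's own.  An absent referrer
    fails the host comparison and is therefore flagged too."""
    if event.get("source") != "sterling-b2b":
        return False
    if event.get("action") not in STATE_ACTIONS:
        return False
    return referrer_host(event.get("referrer", "")) != EXPECTED_DOMAIN


def find_suspicious(log_text: str) -> list:
    events = (parse_line(l) for l in log_text.splitlines() if l.strip())
    return [e for e in events if is_suspicious(e)]


if __name__ == "__main__":
    for hit in find_suspicious(SAMPLE_LOG):
        print(hit["timestamp"], hit["user"], hit["action"], hit.get("referrer"))
```

Treat the hits as triage input, not proof of CSRF: a single request with an odd referrer is common, while a cluster of state-changing requests from one user within seconds, all with an external or missing referrer, is the pattern worth escalating.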
