CVE-2021-29903

9.8 CRITICAL

📋 TL;DR

CVE-2021-29903 is a SQL injection vulnerability in IBM Sterling B2B Integrator Standard Edition that allows remote attackers to execute arbitrary SQL commands. This could enable attackers to view, modify, or delete database information. Organizations running affected versions (5.2.6.0 through 6.1.1.0) are at risk.

💻 Affected Systems

Products:
  • IBM Sterling B2B Integrator Standard Edition
Versions: 5.2.6.0 through 6.1.1.0
Operating Systems: All supported platforms
Default Config Vulnerable: ⚠️ Yes
Notes: All deployments within the affected version range are vulnerable regardless of configuration

⚠️ Risk & Real-World Impact

🔴 Worst Case: Complete compromise of the database, including data theft, data destruction, and potential lateral movement to connected systems

🟠 Likely Case: Data exfiltration, unauthorized data modification, and potential privilege escalation

🟢 If Mitigated: Limited impact with proper input validation, parameterized queries, and network segmentation in place

🌐 Internet-Facing: HIGH - Remote attackers can exploit this vulnerability without authentication
🏢 Internal Only: HIGH - Even internal systems are vulnerable to authenticated or network-accessible attackers

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: LIKELY
Unauthenticated Exploit: ⚠️ Yes
Complexity: LOW

SQL injection vulnerabilities are commonly exploited, and tooling exists for automated exploitation.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Apply the fix as specified in IBM Security Bulletin

Vendor Advisory: https://www.ibm.com/support/pages/node/6495919

Restart Required: Yes

Instructions:

1. Review the IBM Security Bulletin.
2. Apply the recommended fix or upgrade to a non-vulnerable version.
3. Restart the Sterling B2B Integrator service.
4. Verify the fix is applied.

🔧 Temporary Workarounds

Input Validation and Sanitization
Applies to: all

Implement strict input validation and parameterized queries for all database interactions

Network Segmentation
Applies to: all

Restrict network access to the Sterling B2B Integrator to only trusted sources

🧯 If You Can't Patch

  • Implement a Web Application Firewall (WAF) with SQL injection protection rules
  • Restrict database user permissions to minimum required privileges

🔍 How to Verify

Check if Vulnerable:

Check the Sterling B2B Integrator version against the affected range (5.2.6.0 through 6.1.1.0)

Check Version:

Check the product version through the Sterling B2B Integrator administration console or configuration files

Verify Fix Applied:

Verify the version is updated beyond 6.1.1.0 or that the IBM-provided fix is applied

📡 Detection & Monitoring

Log Indicators:

  • Unusual SQL query patterns
  • Multiple failed login attempts followed by SQL errors
  • Database error messages in application logs

Network Indicators:

  • SQL keywords in HTTP requests (SELECT, UNION, INSERT, etc.)
  • Unusual database connection patterns

SIEM Query:

source="sterling_logs" AND ("sql error" OR "database error" OR "syntax error")
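The Log and Network Indicators above, turned into a small scanner as an added Python example (not code from the page or from IBM): it flags lines carrying the SIEM query's error terms, request lines whose URL-decoded query string holds two or more SQL keywords, and a SQL error arriving shortly after a failed login. The log line layout, the regular expressions and the sample lines are assumptions made for the example.

```python
import re
from urllib.parse import unquote_plus

# Error terms from the SIEM query above, matched case-insensitively.
ERROR_TERMS = ("sql error", "database error", "syntax error")
# SQL keywords from the Network Indicators list.
SQL_KEYWORDS = re.compile(r"\b(select|union|insert|update|delete|drop)\b", re.I)
# Assumed request-line shape, e.g. "GET /ws/search?q=... HTTP/1.1 200".
REQUEST_RE = re.compile(r"\b(?:GET|POST|PUT)\s+\S*?\?(?P<query>\S+)")
LOGIN_FAIL_RE = re.compile(r"login failed", re.I)

def has_sql_error(line):
    """True when the line carries any of the SIEM query's error terms."""
    return any(term in line.lower() for term in ERROR_TERMS)

def has_sql_keywords(line, min_distinct=2):
    """True when the URL-decoded query string holds >= min_distinct distinct
    SQL keywords; a lone 'select' in a search term is not enough by itself."""
    m = REQUEST_RE.search(line)
    if not m:
        return False
    found = {k.lower() for k in SQL_KEYWORDS.findall(unquote_plus(m.group("query")))}
    return len(found) >= min_distinct

def scan_log(lines, window=3):
    """Return (line_no, indicator) pairs; a SQL error within `window` lines
    after a failed login is reported as the correlated indicator too."""
    hits, last_login_fail = [], None
    for no, line in enumerate(lines, start=1):
        if LOGIN_FAIL_RE.search(line):
            last_login_fail = no
        if has_sql_error(line):
            hits.append((no, "sql-error"))
            if last_login_fail is not None and no - last_login_fail <= window:
                hits.append((no, "login-failure-then-sql-error"))
        if has_sql_keywords(line):
            hits.append((no, "sql-keywords-in-request"))
    return hits

# Constructed sample lines; not real Sterling B2B Integrator output.
SAMPLE_LOG = """\
2021-06-01T10:00:00Z http GET /ws/search?q=select+widgets HTTP/1.1 200
2021-06-01T10:00:01Z app  WARN  login failed for user admin from 10.0.0.5
2021-06-01T10:00:02Z http GET /ws/search?q=x%27+UNION+SELECT+1%2C2+FROM+t-- HTTP/1.1 500
2021-06-01T10:00:03Z app  ERROR Database error: syntax error at or near "UNION"
2021-06-01T10:00:30Z app  INFO  scheduled job finished
""".splitlines()
```

scan_log(SAMPLE_LOG) flags line 3 for request keywords and line 4 twice, once for the error term and once for the login-failure correlation; line 1 is left alone because a single "select" in a search term does not meet the two-keyword threshold.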
