CVE-2024-31913

5.5 MEDIUM

📋 TL;DR

IBM Sterling B2B Integrator is vulnerable to stored cross-site scripting (XSS) that allows authenticated users to inject malicious JavaScript into the web interface. This can lead to session hijacking or credential theft when other users view the compromised content. Affected versions are 6.0.0.0 through 6.1.2.5 and 6.2.0.0 through 6.2.0.2.

💻 Affected Systems

Products:
  • IBM Sterling B2B Integrator Standard Edition
Versions: 6.0.0.0 through 6.1.2.5 and 6.2.0.0 through 6.2.0.2
Operating Systems: All supported platforms
Default Config Vulnerable: ⚠️ Yes
Notes: Requires authenticated user access to exploit; all deployments with affected versions are vulnerable.

⚠️ Risk & Real-World Impact

🔴 Worst Case: Attackers steal administrator credentials, gain full system control, and compromise sensitive B2B transaction data.

🟠 Likely Case: Attackers steal user session cookies to impersonate legitimate users and access their data/privileges.

🟢 If Mitigated: Limited impact with proper input validation, output encoding, and Content Security Policy (CSP) headers.

🌐 Internet-Facing: HIGH
🏢 Internal Only: MEDIUM

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ✅ No
Complexity: LOW

Exploitation requires authenticated access; stored XSS typically has low technical complexity.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Apply interim fix or upgrade to versions beyond affected ranges

Vendor Advisory: https://www.ibm.com/support/pages/node/7176081

Restart Required: Yes

Instructions:

1. Review the IBM advisory.
2. Apply the recommended interim fix or upgrade to a patched version.
3. Restart application services.
4. Verify the fix implementation.

🔧 Temporary Workarounds

Implement Content Security Policy (applies to: all)

Add CSP headers to restrict script execution sources: set a 'Content-Security-Policy' header in the web server configuration. This limits what an injected script can do but does not remove the stored payload; output encoding on render remains the actual fix.

Input Validation Filtering (applies to: all)

Implement server-side input validation to sanitize user inputs: configure application input validation rules.

🧯 If You Can't Patch

  • Restrict user permissions to minimize attack surface
  • Implement web application firewall (WAF) with XSS protection rules

🔍 How to Verify

Check if Vulnerable:

Check application version against affected ranges in IBM advisory

Check Version:

Check application admin console or installation logs for version information

Verify Fix Applied:

Verify version is updated beyond vulnerable ranges and test XSS payloads
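The version checks above are easy to get wrong when done as string comparison (6.1.2.10 sorts below 6.1.2.5 as text). The following is an added example, not code from IBM or the advisory, that compares a dotted version string numerically against the two affected ranges stated on this page; the version strings fed to it are constructed for illustration.

```python
# Added example (not from the IBM advisory): triage an installed IBM Sterling
# B2B Integrator version string against the CVE-2024-31913 affected ranges.
from typing import Tuple

# Affected ranges exactly as stated in the advisory (inclusive on both ends).
AFFECTED_RANGES = [
    ("6.0.0.0", "6.1.2.5"),
    ("6.2.0.0", "6.2.0.2"),
]


def parse_version(version: str) -> Tuple[int, ...]:
    """Turn '6.1.2.5' into (6, 1, 2, 5); shorter strings are padded with zeros.

    Comparing tuples of ints, not strings, is what makes 6.1.2.10 > 6.1.2.5.
    """
    parts = version.strip().split(".")
    if not parts or not all(p.isdigit() for p in parts) or len(parts) > 4:
        raise ValueError(f"unrecognised version string: {version!r}")
    nums = tuple(int(p) for p in parts)
    return nums + (0,) * (4 - len(nums))


def is_affected(version: str) -> bool:
    """True if the version falls inside any affected range (inclusive)."""
    v = parse_version(version)
    return any(parse_version(lo) <= v <= parse_version(hi)
               for lo, hi in AFFECTED_RANGES)


def triage(version: str) -> str:
    """One-line verdict suitable for an inventory report."""
    if is_affected(version):
        return f"{version}: VULNERABLE - apply the interim fix or upgrade"
    return f"{version}: not in an affected range"


if __name__ == "__main__":
    # Constructed sample inventory: boundary values and a post-fix version.
    for sample in ("6.0.0.0", "6.1.2.5", "6.1.2.10", "6.2.0.2", "6.2.0.3"):
        print(triage(sample))
```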

📡 Detection & Monitoring

Log Indicators:

  • Unusual JavaScript payloads in user input fields
  • Multiple failed XSS attempts

Network Indicators:

  • Suspicious script tags in HTTP POST requests to application endpoints

SIEM Query:

web_requests WHERE url CONTAINS 'sterling' AND (body CONTAINS '<script>' OR body CONTAINS 'javascript:')
