CVE-2025-1348
📋 TL;DR
This vulnerability allows a local user to access sensitive information from another user's web browser cache due to improper caching policies in IBM Sterling products. It affects IBM Sterling B2B Integrator and IBM Sterling File Gateway installations. Attackers must have local access to the system to exploit this information disclosure issue.
💻 Affected Systems
- IBM Sterling B2B Integrator
- IBM Sterling File Gateway
⚠️ Risk & Real-World Impact
Worst Case
Local attacker gains access to sensitive business data, credentials, or session information cached in another user's browser, potentially leading to data theft or privilege escalation.
Likely Case
Local user accesses cached administrative interface data or business transaction information, compromising data confidentiality.
If Mitigated
With proper access controls and browser security settings, impact is limited to low-privilege cached data.
🎯 Exploit Status
Exploitation requires local access to the system and knowledge of browser cache locations. No authentication bypass needed as it targets cached data.
🛠️ Fix & Mitigation
✅ Official Fix
Patch Version: Apply IBM Sterling B2B Integrator and IBM Sterling File Gateway 6.1.2.7 or 6.2.0.5
Vendor Advisory: https://www.ibm.com/support/pages/node/7237068
Restart Required: Yes
Instructions:
1. Download the appropriate fix pack from IBM Fix Central.
2. Stop all Sterling services.
3. Apply the fix pack following IBM installation instructions.
4. Restart all services.
5. Verify the update was successful.
🔧 Temporary Workarounds
Configure Browser Cache Controls
Implement HTTP headers to prevent browser caching of sensitive pages (all platforms)
Configure web server to add: Cache-Control: no-store, no-cache, must-revalidate
Add: Pragma: no-cache
Add: Expires: 0
Implement Session Timeout Policies
Reduce session duration and implement automatic logout to limit cached data exposure (all platforms)
Configure session timeout in web.xml or application settings
🧯 If You Can't Patch
- Implement strict access controls to limit local user access to Sterling systems
- Configure all user browsers to clear cache on exit and disable persistent caching for Sterling URLs
🔍 How to Verify
Check if Vulnerable:
Check current version against affected ranges: 6.0.0.0-6.1.2.6 or 6.2.0.0-6.2.0.4
Check Version:
Check version in Sterling administration console or review installation logs
Verify Fix Applied:
Verify version is 6.1.2.7 or higher, or 6.2.0.5 or higher. Test that sensitive pages include Cache-Control: no-store headers.
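The two checks above can be scripted. The following is an added example, not IBM tooling and not part of the original advisory: it tests a version string against the affected ranges listed on this page and inspects a saved response head for the header set from the workaround. The function names, the four-part dotted version format and the sample responses are assumptions made for illustration.

```python
# Added example. Version ranges come from this page; the sample responses are constructed.
AFFECTED_RANGES = [((6, 0, 0, 0), (6, 1, 2, 6)), ((6, 2, 0, 0), (6, 2, 0, 4))]

def parse_version(text):
    """Turn '6.1.2.7' into (6, 1, 2, 7), padding short versions with zeros."""
    parts = [int(p) for p in text.strip().split(".")]
    if len(parts) > 4:
        raise ValueError(f"unexpected version format: {text!r}")
    return tuple(parts + [0] * (4 - len(parts)))

def is_affected(version):
    """True if the version falls inside either affected range listed on the page."""
    v = parse_version(version)
    return any(lo <= v <= hi for lo, hi in AFFECTED_RANGES)

def cache_findings(raw_response_head):
    """List which headers from the page's caching workaround are absent."""
    headers = {}
    for line in raw_response_head.splitlines():
        name, sep, value = line.partition(":")
        if sep:  # skips the status line; header names are case-insensitive
            headers.setdefault(name.strip().lower(), []).append(value.strip())
    directives = {
        d.strip().lower().split("=", 1)[0]
        for value in headers.get("cache-control", [])
        for d in value.split(",")
    }
    findings = []
    if "no-store" not in directives:
        findings.append("Cache-Control lacks no-store")
    if "no-cache" not in [v.lower() for v in headers.get("pragma", [])]:
        findings.append("Pragma: no-cache missing")
    if headers.get("expires", []) != ["0"]:
        findings.append("Expires: 0 missing")
    return findings

# Constructed response heads standing in for a response captured from a sensitive page.
SAMPLE_CACHEABLE = "HTTP/1.1 200 OK\nContent-Type: text/html\nCache-Control: private, max-age=600\n"
SAMPLE_NO_STORE = ("HTTP/1.1 200 OK\nCache-Control: no-store, no-cache, must-revalidate\n"
                   "Pragma: no-cache\nExpires: 0\n")

if __name__ == "__main__":
    for label, head in (("cacheable", SAMPLE_CACHEABLE), ("no-store", SAMPLE_NO_STORE)):
        print(label, cache_findings(head) or "ok")
    print("6.1.2.6 affected:", is_affected("6.1.2.6"))
```

Only the missing `no-store` directive decides whether a modern browser may write the page to disk; `Pragma` and `Expires` are reported because the workaround lists them for older clients.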
📡 Detection & Monitoring
Log Indicators:
- Multiple failed cache access attempts from same local user
- Unusual browser cache access patterns
Network Indicators:
- None - this is a local information disclosure vulnerability
SIEM Query:
Search for local user accessing browser cache directories on Sterling servers