CVE-2025-36368 in Sterling B2B Integrator

Summary

by MITRE • 03/13/2026

IBM Sterling B2B Integrator and IBM Sterling File Gateway 6.1.0.0 through 6.1.2.7_2, 6.2.0.0 through 6.2.0.5_1, and 6.2.1.0 through 6.2.1.1_1 are vulnerable to SQL injection. An administrative user could send specially crafted SQL statements, which could allow the attacker to view, add, modify, or delete information in the back-end database.


Analysis

by VulDB Data Team • 03/20/2026

This vulnerability exists within IBM Sterling B2B Integrator and IBM Sterling File Gateway versions ranging from 6.1.0.0 through 6.1.2.7_2, 6.2.0.0 through 6.2.0.5_1, and 6.2.1.0 through 6.2.1.1_1. The flaw represents a classic SQL injection vulnerability that allows authenticated administrative users to execute arbitrary SQL commands against the backend database. The vulnerability stems from insufficient input validation and sanitization within the application's database interaction layers, particularly in administrative functions that process user-supplied parameters directly into SQL queries without proper parameterization or escaping mechanisms.

The technical implementation of this vulnerability occurs when administrative users submit specially crafted SQL statements through the application's administrative interface or API endpoints. These crafted inputs bypass the application's normal input validation processes and are directly incorporated into database queries, enabling attackers to manipulate the underlying database structure. This type of vulnerability maps directly to CWE-89 SQL Injection, which is classified as a critical weakness in the CWE taxonomy due to its potential for data compromise and system escalation. The attack vector specifically aligns with ATT&CK technique T1071.004 Application Layer Protocol: DNS, as the vulnerability can be exploited through legitimate administrative interfaces that may appear to be normal application functionality to network monitoring systems.

The operational impact of this vulnerability is severe and multifaceted, as it provides attackers with full administrative privileges over the database backend. Successful exploitation could result in unauthorized data access, data modification, or complete data destruction within the organization's B2B integration environment. The vulnerability affects critical business processes that rely on these platforms for electronic data interchange and file transfer operations, potentially compromising sensitive business data, customer information, and proprietary business documents. Organizations using these versions face significant risk of data breaches, compliance violations, and operational disruption that could impact their supply chain relationships and regulatory compliance obligations.

Mitigation strategies should prioritize immediate patching of affected versions to the latest available releases that address this vulnerability. Organizations should implement strict access controls and the principle of least privilege for administrative accounts, ensuring that only authorized personnel have access to administrative functions. Network segmentation and monitoring should be enhanced to detect unusual database query patterns or administrative activities that may indicate exploitation attempts. Additionally, implementing proper input validation, parameterized queries, and regular security assessments can help prevent similar vulnerabilities from emerging in the future. The vulnerability also highlights the importance of maintaining up-to-date security patches and conducting regular vulnerability assessments of critical business applications to prevent exploitation of known weaknesses in enterprise integration platforms.
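To prioritize patching, an inventory of installed versions can be checked against the three affected ranges listed above. The following is an added example, not code from IBM, MITRE or VulDB; it assumes version strings have the form `V.R.M.F` with an optional numeric `_N` suffix that sorts after the bare version, and the host names in the sample inventory are constructed.

```python
import re

# Affected ranges copied from the advisory text (inclusive bounds).
AFFECTED_RANGES = [
    ("6.1.0.0", "6.1.2.7_2"),
    ("6.2.0.0", "6.2.0.5_1"),
    ("6.2.1.0", "6.2.1.1_1"),
]

_VERSION_RE = re.compile(r"(\d+)\.(\d+)\.(\d+)\.(\d+)(?:_(\d+))?")


def parse_version(text):
    """Return (v, r, m, f, ifix) as ints; a missing "_N" suffix counts as 0.

    Assumption: "_N" is a numeric level that sorts after the bare
    four-part version (6.1.2.7 < 6.1.2.7_1 < 6.1.2.7_2).
    """
    match = _VERSION_RE.fullmatch(text.strip())
    if match is None:
        raise ValueError(f"unrecognised version string: {text!r}")
    return tuple(int(part or 0) for part in match.groups())


def is_affected(version):
    """True when version lies inside one of the advisory's inclusive ranges."""
    parsed = parse_version(version)
    return any(
        parse_version(low) <= parsed <= parse_version(high)
        for low, high in AFFECTED_RANGES
    )


def triage(inventory):
    """Map host -> 'affected', 'outside listed ranges' or 'unparseable'."""
    result = {}
    for host, version in inventory.items():
        try:
            result[host] = "affected" if is_affected(version) else "outside listed ranges"
        except ValueError:
            # Unknown formats need manual review rather than a silent pass.
            result[host] = "unparseable"
    return result


if __name__ == "__main__":
    # Constructed inventory; host names and versions are sample values.
    sample = {"sbi-prod-01": "6.1.2.7_2", "sbi-prod-02": "6.2.0.5_2",
              "sfg-test-01": "6.2.1.0", "sfg-dev-01": "6.0.3.9", "sbi-dr-01": "unknown"}
    for host, status in triage(sample).items():
        print(f"{host}: {status}")
```

A result of "outside listed ranges" only means the version is not named in this advisory; confirm the fixed release against the vendor bulletin before closing the finding.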

Responsible: IBM

Reservation: 04/15/2025

Disclosure: 03/13/2026

Moderation: accepted

CPE: ready

EPSS: 0.00031

KEV: no

Activities: very low
