Security Advisory

IBM Product Security Update Advisory

  • Mar 24 2026
IBM Product Security Update Advisory

overview

We have released security updates that address vulnerabilities in IBM products. users of affected products are encouraged to update to the latest version.

affected products

Cve-2025-14031, cve-2026-1264

IBM Sterling B2B Integrator and IBM Sterling File Gateway versions: 6.1.0.0 or later and 6.1.2.7_2 or earlier
IBM Sterling B2B Integrator and IBM Sterling File Gateway versions: 6.2.0.0 or later and 6.2.0.5_1 or earlier
IBM Sterling B2B Integrator and IBM Sterling File Gateway versions: 6.2.1.0 or later and 6.2.1.1_1 or earlier
IBM Sterling B2B Integrator and IBM Sterling File Gateway version: 6.2.2.0

CVE-2026-1376

IBM i Version: 7.6

resolved Vulnerabilities

Access control vulnerability in IBM Sterling B2B Integrator and IBM Sterling File Gateway (CVE-2025-14031)
Access control vulnerability in IBM Sterling B2B Integrator and IBM Sterling File Gateway (CVE-2026-1264)
Denial of Service Vulnerability in IBM i (CVE-2026-1376)

vulnerability patches

Vulnerability patches have been made available in the latest update. please follow the instructions on the reference site to update to the latest version of the vulnerability patch.

Cve-2025-14031, cve-2026-1264

Applies to IBM Sterling B2B Integrator and IBM Sterling File Gateway versions: B2Bi 6.1.2.8, 6.2.0.5_2, 6.2.1.1_2, or 6.2.2.0_1
IBM Sterling B2B Integrator and IBM Sterling File Gateway version: Apply B2Bi 6.2.0.5_2, 6.2.1.1_2, or 6.2.2.0_1
IBM Sterling B2B Integrator and IBM Sterling File Gateway version: Apply B2Bi 6.2.1.1_2 or 6.2.2.0_1
IBM Sterling B2B Integrator and IBM Sterling File Gateway version: Apply B2Bi 6.2.2.0_1

CVE-2026-1376

See the reference site to download the patch[3][4]

references

[1] Security Bulletin: IBM Sterling B2B Integrator and IBM Sterling File Gateway are Vulnerable due to an access control security vulnerability in Ops server (CVE-2025-14031)
https://www.ibm.com/support/pages/node/7266520
[2] Security Bulletin: IBM Sterling B2B Integrator and IBM Sterling File Gateway are Vulnerable due to an access control vulnerability in AFT web app ( CVE-2026-1264 )
https://www.ibm.com/support/pages/node/7266518
[3] Security Bulletin: IBM i is affected by a denial of service vulnerability [CVE-2026-1376]
https://www.ibm.com/support/pages/node/7266422
[4] SJ09012 – SC1_UTL CVE Fix
https://www.ibm.com/mysupport/s/fix-information/aDrgJ0000008PxJSAU/fi0138746?language=en_US

Tags:
Previous Post

Next Post