CVE-2023-38739

Severity: Medium
Published: 31 January 2025
Modified: 05 March 2025
KEV Added: not listed
CVSS Score v3.1: 4.3 (CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N)
EPSS Score: 0.0013 (31.4th percentile)
Risk Priority: 9 (weighted 60% EPSS, 20% KEV, 20% CVSS)

Summary

CVE-2023-38739 is a medium-severity CSRF (CWE-352) vulnerability in IBM Sterling B2B Integrator. Its CVSS base score is 4.3 (Medium).

Operationally, exploitation aligns with the MITRE ATT&CK technique Exploit Public-Facing Application (T1190). EPSS ranks it at the 31.4th percentile by exploit likelihood (below the median), and it is not currently listed in the CISA KEV catalog.

The strongest mitigations our analysis identified are NIST 800-53 SC-23 (Session Authenticity) and SI-2 (Flaw Remediation).

Deeper analysis

CVE-2023-38739 is a cross-site request forgery (CSRF) vulnerability, mapped to CWE-352, in IBM Sterling B2B Integrator versions 6.0.0.0 through 6.1.2.5 and 6.2.0.0 through 6.2.0.3. Published on 2025-01-31, it carries a CVSS v3.1 base score of 4.3 (AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N), indicating medium severity with network accessibility, low attack complexity, no required privileges, user interaction needed, and low integrity impact.

An unauthenticated attacker can exploit this by crafting a malicious webpage or link that, when visited by an authenticated user, triggers unauthorized requests to the vulnerable IBM Sterling B2B Integrator instance. This allows the attacker to execute malicious actions on behalf of the trusted user, such as modifying application state or performing unintended operations, relying on the absence of proper CSRF protections.

IBM's security advisory at https://www.ibm.com/support/pages/node/7182004 provides details on the vulnerability, including recommended patches and mitigation guidance for affected versions. Security practitioners should review this resource promptly to apply updates and implement defenses like CSRF tokens.

Vulnerability details

IBM Sterling B2B Integrator 6.0.0.0 through 6.1.2.5 and 6.2.0.0 through 6.2.0.3 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts.

Related Threats

MITRE ATT&CK Enterprise Techniques

T1190 Exploit Public-Facing Application (Initial Access)
Adversaries may attempt to exploit a weakness in an Internet-facing host or system to initially access a network.

Why these techniques?

CSRF in a public-facing web application directly enables exploitation of the application to perform unauthorized actions via crafted links or pages.

Confidence: MEDIUM · MITRE ATT&CK Enterprise v18.1

CVEs Like This One

CVE-2024-31903 (same product: IBM Sterling B2B Integrator)
CVE-2023-50316 (same product: IBM Sterling B2B Integrator)
CVE-2026-1264 (same product: IBM Sterling B2B Integrator)
CVE-2025-36368 (same product: IBM Sterling B2B Integrator)
CVE-2025-14031 (same product: IBM Sterling B2B Integrator)
CVE-2023-49886 (same vendor: IBM)
CVE-2024-39750 (same vendor: IBM)
CVE-2026-9170 (same vendor: IBM)
CVE-2026-8175 (same vendor: IBM)
CVE-2026-7876 (same vendor: IBM)

Affected Assets

IBM Sterling B2B Integrator: 6.0.0.0 through 6.1.2.5 and 6.2.0.0 through 6.2.0.3

Mitigating Controls (NIST 800-53 r5)

SI-2 Flaw Remediation (prevent): directly addresses the CVE by requiring identification, reporting, and correction of the specific CSRF flaw through vendor-recommended patches.

SC-23 Session Authenticity (prevent): enforces session authenticity mechanisms such as CSRF tokens to prevent attackers from executing unauthorized actions on behalf of authenticated users.

SI-10 Information Input Validation (prevent): requires validation of information inputs, including CSRF tokens or origin headers, to block forged requests exploiting the vulnerability.