Cyber Posture

CVE-2025-36368

Severity: Medium
Published: 13 March 2026
Modified: 20 March 2026
KEV Added: not listed
CVSS Score: 6.5 (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N)
EPSS Score: 0.0003 (8.7th percentile)
Risk Priority: 13 (weighted 60% EPSS · 20% KEV · 20% CVSS)

Summary

CVE-2025-36368 is a medium-severity SQL Injection (CWE-89) vulnerability in IBM Sterling B2B Integrator and IBM Sterling File Gateway. Its CVSS v3.1 base score is 6.5 (Medium).

Operationally, exploitation maps to the MITRE ATT&CK technique Exploit Public-Facing Application (T1190). Its EPSS score places it at the 8.7th percentile of exploit likelihood (well below the median), and it is not currently listed in the CISA KEV catalog.

Threat & Defense at a Glance

What attackers do: exploitation maps to Exploit Public-Facing Application (T1190) and 1 other technique.

Threat & Defense Details

Likely Mitigating Controls

Per-CVE control mapping for this CVE has not run yet; the list below is derived from the weakness types (CWEs) cited in the NVD entry.

- Penetration testing (addresses CWE-89): uses SQL injection payloads against database interfaces, identifying and supporting fixes for SQL injection weaknesses.
- Query input validation (addresses CWE-89): validates query inputs to prevent SQL syntax or command manipulation.
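The two controls above (payload-based testing and query input validation) are illustrated below with a generic CWE-89 pattern. This is an added example and not code from IBM Sterling B2B Integrator or from IBM's advisory: the partner table, its columns, the admin lookup function and the payloads are constructed for the illustration and say nothing about where the real injection point is. The vulnerable lookup splices request text into SQL; the hardened one binds values as parameters and allowlists the ORDER BY identifier (which cannot be bound); the probe runs canonical payloads against both and reports which variant is affected.

```python
"""
Added example, not code from IBM Sterling B2B Integrator or from IBM's
advisory: a generic CWE-89 lookup in a hypothetical admin-only screen, shown
vulnerable and hardened, plus a small pentest-style probe that runs canonical
injection payloads against both. Table name, columns, data and payloads are
constructed for this example and say nothing about the real injection point.
"""
import re
import sqlite3


def build_db() -> sqlite3.Connection:
    """Constructed sample schema: a partner table with a column the
    admin lookup is not supposed to expose."""
    conn = sqlite3.connect(":memory:")
    conn.executescript(
        "CREATE TABLE partner (id INTEGER PRIMARY KEY, name TEXT, secret TEXT);"
        "INSERT INTO partner VALUES (1, 'acme', 's3cret-acme');"
        "INSERT INTO partner VALUES (2, 'globex', 's3cret-globex');"
    )
    return conn


# Vulnerable: request text is spliced straight into the statement (CWE-89).
def find_partner_vulnerable(conn, name: str, order_by: str = "name") -> list:
    sql = f"SELECT name FROM partner WHERE name = '{name}' ORDER BY {order_by}"
    return [row[0] for row in conn.execute(sql)]


# Hardened: values go through bound parameters; identifiers (which cannot be
# bound) are checked against an allowlist before they touch the statement.
ALLOWED_ORDER_COLUMNS = {"id", "name"}
IDENT_RE = re.compile(r"[A-Za-z_][A-Za-z0-9_]*")


def safe_identifier(ident: str, allowed: set) -> str:
    if not IDENT_RE.fullmatch(ident) or ident not in allowed:
        raise ValueError(f"rejected identifier: {ident!r}")
    return ident


def rejects_identifier(ident: str) -> bool:
    """True if the allowlist check refuses `ident` for ORDER BY."""
    try:
        safe_identifier(ident, ALLOWED_ORDER_COLUMNS)
    except ValueError:
        return True
    return False


def find_partner_hardened(conn, name: str, order_by: str = "name") -> list:
    col = safe_identifier(order_by, ALLOWED_ORDER_COLUMNS)
    sql = f"SELECT name FROM partner WHERE name = ? ORDER BY {col}"
    return [row[0] for row in conn.execute(sql, (name,))]


# Pentest-style probe: constructed payloads an authenticated admin could put
# in the lookup field. A benign unknown name returns no rows, so any rows
# coming back means the payload changed the query.
PAYLOADS = {
    "tautology": "x' OR '1'='1",
    "union": "x' UNION SELECT secret FROM partner --",
}


def probe(lookup, conn) -> dict:
    """Run every payload through `lookup`; 'exploited' if rows came back."""
    outcome = {}
    for label, payload in PAYLOADS.items():
        try:
            rows = lookup(conn, payload)
        except sqlite3.Error:
            rows = []  # statement failed to parse: payload did not execute
        outcome[label] = "exploited" if rows else "blocked"
    return outcome


if __name__ == "__main__":
    db = build_db()
    print("vulnerable:", probe(find_partner_vulnerable, db))
    print("hardened:  ", probe(find_partner_hardened, db))
    print("ORDER BY secret rejected:", rejects_identifier("secret"))
```

Note that parameter binding alone would not protect the ORDER BY clause: the identifier allowlist is what stops an attacker from steering the sort column, and the same rule applies to table names, LIMIT expressions and any other non-value part of a statement.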

MITRE ATT&CK Enterprise Techniques

- T1190 Exploit Public-Facing Application (Initial Access): Adversaries may attempt to exploit a weakness in an Internet-facing host or system to initially access a network.
- T1213.006 Data from Information Repositories: Databases (Collection): Adversaries may leverage databases to mine valuable information.

Why these techniques?

SQL injection in a network-exposed B2B application maps to T1190 (Exploit Public-Facing Application) for the initial exploitation step. Note the precondition: the CVSS vector's PR:H means the crafted SQL must come from an authenticated administrative account, so the realistic path is stolen, phished or misused admin credentials (or a malicious insider) rather than an unauthenticated exposure. Successful queries let the attacker read, add, modify or delete back-end database contents, which maps to T1213.006 (Data from Information Repositories: Databases).

Confidence: HIGH · MITRE ATT&CK Enterprise v18.1

NVD Description

IBM Sterling B2B Integrator and IBM Sterling File Gateway 6.1.0.0 through 6.1.2.7_2, 6.2.0.0 through 6.2.0.5_1, and 6.2.1.0 through 6.2.1.1_1 are vulnerable to SQL injection. An administrative user could send specially crafted SQL statements, which could allow the attacker to view, add, modify, or delete information in the back-end database.

Deeper analysis

CVE-2025-36368 is a SQL injection vulnerability (CWE-89) affecting IBM Sterling B2B Integrator and IBM Sterling File Gateway in versions 6.1.0.0 through 6.1.2.7_2, 6.2.0.0 through 6.2.0.5_1, and 6.2.1.0 through 6.2.1.1_1. Published on 2026-03-13, it carries a CVSS v3.1 base score of 6.5 (AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N), indicating medium severity with high confidentiality and integrity impacts but no availability disruption.

The vulnerability can be exploited over the network with low complexity by an authenticated administrative user (PR:H) who sends specially crafted SQL statements; no user interaction is required (UI:N) and the scope is unchanged (S:U), so the impact is confined to the application's own back-end database. Successful exploitation enables the attacker to view, add, modify, or delete sensitive information in that database, potentially leading to unauthorized data manipulation or exposure. The availability metric is scored None, but in practice delete or modify access to the database behind a B2B integration platform can disrupt the partner transactions it processes, so treat the integrity impact as operationally significant.

IBM's security advisory provides details on mitigation and patching; practitioners should consult https://www.ibm.com/support/pages/node/7263324 for fix information and recommended actions specific to affected versions.

Details

CWE(s): CWE-89 (SQL Injection)

Affected Products

- IBM Sterling B2B Integrator: 6.1.0.0 to 6.1.2.8 · 6.2.0.0 to 6.2.0.5_2 · 6.2.1.0 to 6.2.1.1_2
- IBM Sterling File Gateway: 6.1.0.0 to 6.1.2.8 · 6.2.0.0 to 6.2.0.5_2 · 6.2.1.0 to 6.2.1.1_2

Note that these range ends (6.1.2.8, 6.2.0.5_2, 6.2.1.1_2) sit one level above the last affected versions in the NVD description (6.1.2.7_2, 6.2.0.5_1, 6.2.1.1_1), which is consistent with an exclusive upper bound marking the first fixed level. Confirm the exact fix level against IBM's advisory before declaring a host patched.
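The following triage helper is an added example, not code from IBM or from the advisory. It checks version strings from an asset inventory against the inclusive affected ranges given in the NVD description (not the range ends in the product list above). The ordering of IBM's "_N" fix-pack suffix is an assumption made for this example rather than a documented IBM rule: a suffixed version is taken to sort after the bare version and before the next dotted number (6.1.2.7 < 6.1.2.7_1 < 6.1.2.7_2 < 6.1.2.8). Hostnames and levels in the sample inventory are constructed.

```python
"""
Added triage helper, not from IBM or the advisory: checks whether a deployed
IBM Sterling B2B Integrator / File Gateway version string falls inside the
inclusive ranges the NVD description lists as affected. Version ordering is
an assumption, not IBM's documented rule: a "_N" fix-pack suffix is taken to
sort after the bare version and below the next number
(6.1.2.7 < 6.1.2.7_1 < 6.1.2.7_2 < 6.1.2.8).
"""
import re

# Inclusive ranges copied from the NVD description of CVE-2025-36368.
AFFECTED_RANGES = [
    ("6.1.0.0", "6.1.2.7_2"),
    ("6.2.0.0", "6.2.0.5_1"),
    ("6.2.1.0", "6.2.1.1_1"),
]

VERSION_RE = re.compile(r"(\d+(?:\.\d+){0,3})(?:_(\d+))?")


def parse_version(text: str) -> tuple:
    """'6.1.2.7_2' -> (6, 1, 2, 7, 2). Missing dotted parts and a missing
    suffix count as 0, so '6.1' == '6.1.0.0' and '6.1.2.7' < '6.1.2.7_1'."""
    m = VERSION_RE.fullmatch(text.strip())
    if not m:
        raise ValueError(f"unrecognised version string: {text!r}")
    parts = [int(p) for p in m.group(1).split(".")]
    parts += [0] * (4 - len(parts))
    suffix = int(m.group(2)) if m.group(2) else 0
    return tuple(parts) + (suffix,)


def is_affected(version: str) -> bool:
    """True if `version` lies inside any inclusive affected range."""
    v = parse_version(version)
    return any(parse_version(lo) <= v <= parse_version(hi) for lo, hi in AFFECTED_RANGES)


def triage(inventory: dict) -> dict:
    """Map host -> True if its reported version is in an affected range."""
    return {host: is_affected(ver) for host, ver in inventory.items()}


# Constructed inventory for illustration; hostnames and levels are made up.
SAMPLE_INVENTORY = {
    "b2bi-prod-01": "6.1.2.7_2",  # last affected 6.1.x level
    "b2bi-prod-02": "6.1.2.8",    # just past the 6.1.x range
    "sfg-dr-01": "6.2.0.5_1",     # last affected 6.2.0.x level
    "sfg-dr-02": "6.2.0.5_2",
    "b2bi-test": "6.2.1.0",
    "b2bi-legacy": "6.0.3.1",     # below every listed range
}

if __name__ == "__main__":
    for host, hit in triage(SAMPLE_INVENTORY).items():
        print(f"{host:14} {SAMPLE_INVENTORY[host]:10} {'AFFECTED' if hit else 'ok'}")
```

Because the ranges are inclusive at the NVD's last affected level, a host reporting exactly 6.1.2.7_2 is flagged, while 6.1.2.8 is not; if IBM's advisory names a different first fixed level, adjust AFFECTED_RANGES rather than the comparison logic.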

CVEs Like This One

- CVE-2026-1264 (same product: IBM Sterling B2B Integrator)
- CVE-2025-14031 (same product: IBM Sterling B2B Integrator)
- CVE-2025-13379 (same vendor: IBM)
- CVE-2023-50316 (same product: IBM Sterling B2B Integrator)
- CVE-2025-13214 (same vendor: IBM)
- CVE-2024-35148 (same vendor: IBM)
- CVE-2024-31903 (same product: IBM Sterling B2B Integrator)
- CVE-2026-23492 (shared CWE-89)
- CVE-2019-25541 (shared CWE-89)
- CVE-2023-49886 (same vendor: IBM)

References

- IBM security advisory: https://www.ibm.com/support/pages/node/7263324