CVE-2025-36368
Published: 13 March 2026
Summary
CVE-2025-36368 is a medium-severity SQL Injection (CWE-89) vulnerability in IBM Sterling B2B Integrator. Its CVSS base score is 6.5 (Medium).
Operationally, exploitation aligns with the MITRE ATT&CK technique Exploit Public-Facing Application (T1190). It is ranked at the 9.5th percentile by exploit likelihood (below the median) and is not currently listed in the CISA KEV catalog.
The strongest mitigations our analysis identified are NIST 800-53 SI-10 (Information Input Validation) and AC-6 (Least Privilege).
Deeper analysis
CVE-2025-36368 is a SQL injection vulnerability (CWE-89) affecting IBM Sterling B2B Integrator and IBM Sterling File Gateway in versions 6.1.0.0 through 6.1.2.7_2, 6.2.0.0 through 6.2.0.5_1, and 6.2.1.0 through 6.2.1.1_1. Published on 2026-03-13, it carries a CVSS v3.1 base score of 6.5 (AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N), indicating medium severity with high confidentiality and integrity impacts but no availability disruption.
The vulnerability can be exploited over the network with low complexity by an authenticated administrative user (PR:H) who sends specially crafted SQL statements. Successful exploitation enables the attacker to view, add, modify, or delete sensitive information in the back-end database, potentially leading to unauthorized data manipulation or exposure.
IBM's security advisory provides details on mitigation and patching; practitioners should consult https://www.ibm.com/support/pages/node/7263324 for fix information and recommended actions specific to affected versions.
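An added example, not from this page or from IBM: a small Python check that parses IBM's "a.b.c.d" / "a.b.c.d_n" fix-level strings and reports whether an inventoried install falls inside the affected ranges listed above. It assumes the "_n" interim-fix suffix compares as a fifth, least-significant component, and it treats versions above a stated upper bound only as outside the published ranges, not as confirmed fixed; the IBM advisory remains the authority on fix levels.

```python
# Constructed helper (not IBM's code): check whether an installed IBM Sterling
# B2B Integrator / File Gateway version falls inside the ranges published for
# CVE-2025-36368. Version strings use the "a.b.c.d" form with an optional
# "_n" interim-fix suffix (e.g. "6.1.2.7_2"); the suffix is treated as a
# fifth, least-significant component and defaults to 0 when absent.
import re
from typing import Dict, Tuple

# Affected ranges exactly as stated in the advisory text (inclusive bounds).
AFFECTED_RANGES = [
    ("6.1.0.0", "6.1.2.7_2"),
    ("6.2.0.0", "6.2.0.5_1"),
    ("6.2.1.0", "6.2.1.1_1"),
]

_VERSION_RE = re.compile(r"^(\d+)\.(\d+)\.(\d+)\.(\d+)(?:_(\d+))?$")


def parse_version(text: str) -> Tuple[int, int, int, int, int]:
    """Parse 'a.b.c.d' or 'a.b.c.d_n' into a comparable 5-tuple."""
    m = _VERSION_RE.match(text.strip())
    if not m:
        raise ValueError(f"unrecognised IBM Sterling version string: {text!r}")
    parts = [int(g) for g in m.groups()[:4]]
    parts.append(int(m.group(5)) if m.group(5) else 0)
    return (parts[0], parts[1], parts[2], parts[3], parts[4])


def is_affected(version: str) -> bool:
    """True if the version lies inside any published affected range."""
    v = parse_version(version)
    return any(parse_version(lo) <= v <= parse_version(hi) for lo, hi in AFFECTED_RANGES)


def triage(inventory: Dict[str, str]) -> Dict[str, str]:
    """Map host -> version string to host -> affected / not affected / unparseable."""
    result = {}
    for host, version in inventory.items():
        try:
            result[host] = "affected" if is_affected(version) else "not affected"
        except ValueError:
            result[host] = "unparseable"  # flag for manual review rather than silently skipping
    return result


if __name__ == "__main__":
    # Constructed sample inventory; host names and versions are made up.
    sample = {"b2bi-prod-01": "6.1.2.7_2", "b2bi-prod-02": "6.2.0.6",
              "sfg-dev": "6.2.1.1_2", "legacy": "6.0.3.5", "unknown": "n/a"}
    for host, status in triage(sample).items():
        print(f"{host}: {status}")
```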
EU & UK References
- 🇪🇺 ENISA EUVD: EUVD-2025-208665
Vulnerability details
IBM Sterling B2B Integrator and IBM Sterling File Gateway 6.1.0.0 through 6.1.2.7_2, 6.2.0.0 through 6.2.0.5_1, and 6.2.1.0 through 6.2.1.1_1 are vulnerable to SQL injection. An administrative user could send specially crafted SQL statements, which could allow the attacker to view, add, modify, or delete information in the back-end database.
Related Threats
MITRE ATT&CK Enterprise Techniques
Why these techniques?
SQL injection in a network-exposed B2B application directly enables T1190 (Exploit Public-Facing Application) for initial exploitation by an authenticated admin; successful queries allow unauthorized access/modification of backend database contents, mapping to T1213.006 (Data from Information Repositories: Databases).
Mitigating Controls (NIST 800-53 r5)
- SI-10 (Information Input Validation): directly requires validation of all input, including administrative SQL statements, so that crafted queries enabling unauthorized database access or modification are rejected.
- AC-6 (Least Privilege): restricts the database privileges granted to administrative accounts so that even a successful SQL injection yields only the minimal actions needed for B2B Integrator / File Gateway operations.
- Monitoring: watches for anomalous SQL patterns or unexpected database activity originating from the administrative interface of the affected IBM Sterling components.