
Summary

IBM Sterling B2B Integrator and IBM Sterling File Gateway have addressed the denial of service security vulnerability.

Vulnerability Details

CVEID: CVE-2025-23184

DESCRIPTION: A potential denial of service vulnerability is present in versions of Apache CXF before 3.5.10, 3.6.5 and 4.0.6. In some edge cases, the CachedOutputStream instances may not be closed and, if backed by temporary files, may fill up the file system (it applies to servers and clients).

CWE: CWE-400: Uncontrolled Resource Consumption

CVSS Source: NVD

CVSS Base score: 7.5

CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)

Affected Products and Versions

Affected Product(s) | Version(s)
---|---
IBM Sterling B2B Integrator and IBM Sterling File Gateway | 6.0.0.0 – 6.1.2.7
IBM Sterling B2B Integrator and IBM Sterling File Gateway | 6.2.0.0 – 6.2.0.4, 6.2.1.0

Remediation/Fixes

Product | Version | APAR | Remediation & Fix
---|---|---|---
IBM Sterling B2B Integrator and IBM Sterling File Gateway | 6.0.0.0 – 6.1.2.7 | IT48295 | Apply B2Bi 6.1.2.7_1, 6.2.0.5 or 6.2.1.1
IBM Sterling B2B Integrator and IBM Sterling File Gateway | 6.2.0.0 – 6.2.0.4, 6.2.1.0 | IT48295 | Apply B2Bi 6.2.0.5 or 6.2.1.1

The IIM versions of 6.1.2.7_1, 6.2.0.5 and 6.2.1.1 are available on Fix Central. The container versions of 6.1.2.7_1, 6.2.0.5 and 6.2.1.1 are available in IBM Entitled Registry.

Workarounds and Mitigations…
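To find Apache CXF jars that fall under the version bounds in the vulnerability description above, the following added example (not part of the bulletin and not IBM or Apache code) walks an install tree and classifies each jar. It assumes Maven-style file names such as `cxf-core-3.5.9.jar` and reads "before 3.5.10, 3.6.5 and 4.0.6" as per-branch fix levels; the function names `classify` and `scan` are hypothetical.

```python
import re
from pathlib import Path

# Fixed releases per branch, taken from the advisory text (CVE-2025-23184).
FIXED = {(3, 5): (3, 5, 10), (3, 6): (3, 6, 5), (4, 0): (4, 0, 6)}

# Assumption: CXF jars follow the usual Maven naming, e.g. cxf-core-3.5.9.jar.
JAR_RE = re.compile(r"^(cxf-[a-z0-9-]+?)-(\d+)\.(\d+)\.(\d+)([.-][\w.]+)?\.jar$")


def classify(version):
    """Return 'affected', 'fixed' or 'unlisted' for a (major, minor, patch) tuple."""
    branch = version[:2]
    if branch in FIXED:
        # Integer tuples compare numerically, so 3.5.10 sorts after 3.5.9.
        return "affected" if version < FIXED[branch] else "fixed"
    # Anything older than the oldest patched branch is "before 3.5.10".
    if version < (3, 5, 0):
        return "affected"
    # Branches the advisory does not name: report them rather than guess.
    return "unlisted"


def scan(root):
    """Walk root and return sorted (relative path, version, status) for CXF jars."""
    findings = []
    for jar in Path(root).rglob("cxf-*.jar"):
        m = JAR_RE.match(jar.name)
        if not m:
            continue  # no parseable version in the file name
        version = tuple(int(x) for x in m.group(2, 3, 4))
        findings.append((jar.relative_to(root).as_posix(),
                         ".".join(map(str, version)), classify(version)))
    return sorted(findings)


if __name__ == "__main__":
    import sys
    for path, version, status in scan(sys.argv[1] if len(sys.argv) > 1 else "."):
        print(f"{status:9} {version:10} {path}")
```

A jar file name is only an indicator; the remediation for the IBM products is the B2Bi fix level listed in the table above.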