IBM Sterling Partner Engagement Manager 6.2.3.0 through 6... · CVE-2025-13723 · GitHub Advisory Database · GitHub

IBM Sterling Partner Engagement Manager 6.2.3.0 through 6...

Moderate severity Unreviewed Published Mar 13, 2026 to the GitHub Advisory Database • Updated Mar 13, 2026

Package

No package listed— Suggest a package

Affected versions

Unknown

Patched versions

Unknown

Description

IBM Sterling Partner Engagement Manager 6.2.3.0 through 6.2.3.5 and 6.2.4.0 through 6.2.4.2 could allow an attacker to obtain sensitive user information using an expired access token

References

Published by the National Vulnerability Database

Mar 13, 2026

Published to the GitHub Advisory Database Mar 13, 2026

Last updated Mar 13, 2026

Severity

Moderate

/ 10

CVSS v3 base metrics

Attack vector

Network

Attack complexity

Low

Privileges required

None

User interaction

None

Scope

Unchanged

Confidentiality

Low

Integrity

None

Availability

None

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N