CVE-2025-36063: CWE-613 Insufficient Session Expiration in IBM Sterling Connect:Express Adapter for Sterling B2B Integrator 5.2.0
IBM Sterling Connect:Express Adapter for Sterling B2B Integrator 5.2.0 (5.2.0.00 through 5.2.0.12) does not invalidate the session after a logout, which could allow an authenticated user to impersonate another user on the system.
AI Analysis
Technical Summary
CVE-2025-36063 is a CWE-613 (Insufficient Session Expiration) weakness in IBM Sterling Connect:Express Adapter for Sterling B2B Integrator 5.2.0, affecting builds 5.2.0.00 through 5.2.0.12. The application fails to invalidate a user's session on logout, so the session token or identifier stays active and reusable after the user believes the session has ended. An authenticated user who holds such a token can reuse it and act as the other user, gaining unauthorized access to sensitive business data or functions.

The CVSS v3.1 base score is 6.3 (medium): network attack vector, low attack complexity, privileges required (an authenticated account), no user interaction, and impacts on confidentiality, integrity, and availability. Because exploitation requires an authenticated account, the realistic attackers are insiders or holders of compromised credentials. No public exploit is known at the time of writing, but the sensitivity of the data that B2B integrations carry keeps the risk significant.

Session identifiers that survive logout undermine the trust placed in the system's authentication mechanism and open the door to session hijacking and session fixation scenarios. The weakness matters most where workstations are shared between users or where session tokens are stored insecurely. IBM has not yet published patches, so organizations must rely on compensating controls until updates are available.
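The pattern behind CWE-613 is easiest to see next to its fix. The following is an added illustration written for this page, not IBM's code and not derived from the affected product: a small server-side session store whose `logout_vulnerable` only drops the client's copy of the token (leaving the server record valid, as the advisory describes) and whose `logout` destroys the record. The store also applies an idle timeout and an absolute lifetime, the two expiry controls the mitigation section asks for. The policy values, the `FakeClock`, and the user names are assumptions for the demonstration. `replay_after_logout` is the check a practitioner would run against any session implementation: log in, log out, replay the old identifier, and confirm it is refused.

```python
import secrets
import time
from dataclasses import dataclass
from typing import Callable, Dict, Optional

# Assumed policy values for this illustration; tune them to the application's risk profile.
IDLE_TIMEOUT_S = 15 * 60          # session dies after 15 minutes without activity
ABSOLUTE_LIFETIME_S = 8 * 3600    # and after 8 hours no matter how active it was


@dataclass
class Session:
    user: str
    created: float
    last_seen: float


class SessionStore:
    """Server-side session registry. The cookie only carries an opaque token;
    everything that matters lives here, so the server decides when a token dies."""

    def __init__(self, clock: Callable[[], float] = time.time) -> None:
        self._clock = clock
        self._sessions: Dict[str, Session] = {}

    def login(self, user: str) -> str:
        # Mint a fresh, unguessable identifier on every login. Never adopt one the
        # client presented before authentication (that is the session-fixation path).
        token = secrets.token_urlsafe(32)
        now = self._clock()
        self._sessions[token] = Session(user=user, created=now, last_seen=now)
        return token

    def user_for(self, token: str) -> Optional[str]:
        """Resolve a token to its user, or None when the token is unknown or expired."""
        s = self._sessions.get(token)
        if s is None:
            return None
        now = self._clock()
        if now - s.last_seen > IDLE_TIMEOUT_S or now - s.created > ABSOLUTE_LIFETIME_S:
            del self._sessions[token]      # expire lazily on next use
            return None
        s.last_seen = now
        return s.user

    def logout_vulnerable(self, token: str) -> None:
        # The CWE-613 pattern: the handler only clears the browser cookie (a Set-Cookie
        # with an expired date) and never touches the server-side record. Anyone who
        # still holds the old token keeps a valid session for that user.
        return None

    def logout(self, token: str) -> None:
        # Hardened: destroy the server-side record. After this the old identifier can
        # never be resolved again, whatever the client does with its copy.
        self._sessions.pop(token, None)


class FakeClock:
    """Controllable clock so expiry can be exercised without sleeping."""

    def __init__(self, start: float = 1_700_000_000.0) -> None:
        self.now = start

    def __call__(self) -> float:
        return self.now

    def advance(self, seconds: float) -> None:
        self.now += seconds


def replay_after_logout(store: SessionStore, logout: Callable[[str], None]) -> bool:
    """Log in, log out with the given handler, then replay the old token.
    Returns True when the replay still resolves to the user (the vulnerable outcome)."""
    token = store.login("alice")
    assert store.user_for(token) == "alice"
    logout(token)
    return store.user_for(token) is not None


if __name__ == "__main__":
    clock = FakeClock()
    store = SessionStore(clock)
    print("old token still valid after vulnerable logout:",
          replay_after_logout(store, store.logout_vulnerable))
    print("old token still valid after hardened logout:",
          replay_after_logout(store, store.logout))
```

The same replay check works as a black-box test against a deployed application: authenticate, capture the session cookie, call the logout endpoint, then send the captured cookie to an authenticated endpoint. A response that still serves the user's data rather than a redirect to the login page is the behaviour this advisory describes.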
Potential Impact
For European organizations, this vulnerability threatens the confidentiality and integrity of business-to-business transactions that underpin supply chain operations, financial exchanges, and regulatory compliance. Unauthorized session reuse could let an attacker read confidential data, manipulate transaction records, or disrupt business processes, with financial losses, reputational damage, and regulatory penalties under GDPR and other data protection laws as possible consequences. The availability impact, while rated lower, could materialize if an attacker disrupts session management or causes denial of service through session abuse. Organizations in manufacturing, finance, logistics, and telecommunications that rely on IBM Sterling B2B Integrator for secure data exchange are the most exposed. The medium severity rating reflects that exploitation requires authenticated access; the damage from session impersonation is nevertheless significant, especially in multi-user or shared environments. Because B2B transactions in Europe are often cross-border, the impact can cascade across multiple countries and partners.
Mitigation Recommendations
Immediate mitigation should focus on strict session management: shorten session timeouts and monitor for anomalous session reuse. Audit the current session handling configuration and restrict session token lifetimes where possible. Use network segmentation and access controls to keep authenticated users' privileges at the minimum necessary, which limits what a reused session can reach. Multi-factor authentication (MFA) reduces the chance that compromised credentials become the starting point for session hijacking. Until IBM releases official patches, consider web application firewalls (WAFs) or intrusion detection systems (IDS) to detect and block suspicious session reuse. If automated invalidation is not available, review and revoke inactive or stale sessions manually on a regular schedule. Once IBM publishes patches or updates, prioritize their deployment in all affected environments. Finally, educate users about proper logout procedures and session security to minimize the risk from sessions that persist after logout.
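The "monitor for anomalous session reuse" recommendation above can be turned into a concrete check over access logs. The example below is added for this page and is not tooling from IBM or the advisory's source: it walks a stream of per-request records, remembers which session identifiers have seen a LOGOUT event and which source address performed each LOGIN, and reports any later use of a logged-out identifier, as well as any identifier that changes source address mid-session. The log format (`ts sid= user= event= src=`) and every line in `SAMPLE_LOG` are constructed for the demonstration; a real deployment would map its own proxy or application log fields onto the same five values.

```python
import re
from typing import Dict, Iterable, List, Tuple

# One record per request, as an authentication-aware proxy or the application itself
# might emit it. The schema and the sample lines are constructed for this example.
LOG_RE = re.compile(
    r"^(?P<ts>\S+) sid=(?P<sid>\S+) user=(?P<user>\S+) event=(?P<event>\S+) src=(?P<src>\S+)$"
)

SAMPLE_LOG = """\
2026-01-20T15:20:57Z sid=s1 user=alice event=LOGIN src=10.0.0.5
2026-01-20T15:25:10Z sid=s1 user=alice event=REQUEST src=10.0.0.5
2026-01-20T15:30:00Z sid=s1 user=alice event=LOGOUT src=10.0.0.5
2026-01-20T15:31:12Z sid=s1 user=alice event=REQUEST src=10.0.0.9
2026-01-20T15:40:00Z sid=s2 user=bob event=LOGIN src=10.0.0.7
2026-01-20T15:41:00Z sid=s2 user=bob event=REQUEST src=10.0.0.7
2026-01-20T15:42:00Z sid=s2 user=bob event=REQUEST src=192.168.1.20
2026-01-20T15:50:00Z sid=s3 user=dave event=LOGIN src=10.0.0.8
2026-01-20T15:51:00Z sid=s3 user=dave event=LOGOUT src=10.0.0.8
"""

Finding = Tuple[str, str, str, str]   # (timestamp, sid, user, reason)


def find_session_reuse(lines: Iterable[str]) -> List[Finding]:
    """Flag session identifiers used after their LOGOUT, or from a new source address."""
    logged_out: Dict[str, str] = {}   # sid -> timestamp of the LOGOUT event
    origin: Dict[str, str] = {}       # sid -> source address that performed LOGIN
    findings: List[Finding] = []
    for raw in lines:
        m = LOG_RE.match(raw.strip())
        if not m:
            continue                  # skip lines that do not fit the schema
        ts, sid, user, event, src = (m.group(k) for k in ("ts", "sid", "user", "event", "src"))
        if event == "LOGIN":
            origin[sid] = src         # a fresh login re-legitimises the identifier
            logged_out.pop(sid, None)
            continue
        if event == "LOGOUT":
            logged_out[sid] = ts      # from here on, any use of sid is a finding
            continue
        # Any other event is a use of the session; judge it against what we know.
        if sid in logged_out:
            findings.append((ts, sid, user, f"used after logout at {logged_out[sid]}"))
        if sid in origin and origin[sid] != src:
            findings.append((ts, sid, user, f"source changed from {origin[sid]} to {src}"))
    return findings


if __name__ == "__main__":
    for ts, sid, user, reason in find_session_reuse(SAMPLE_LOG.splitlines()):
        print(f"{ts} sid={sid} user={user}: {reason}")
```

On the sample data the first rule fires for `s1`, which keeps serving requests after its logout, and the second rule fires for both `s1` and `s2`. The after-logout rule is the direct signal for this CVE and has almost no benign explanation once the application is believed to invalidate sessions; the source-change rule is a supporting heuristic that will produce false positives for clients behind carrier NAT or on mobile networks, so it is best used to rank the after-logout findings rather than to alert on its own.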
Affected Countries
Germany, United Kingdom, France, Netherlands, Italy, Spain
Technical Details
- Data Version: 5.2
- Assigner Short Name: ibm
- Date Reserved: 2025-04-15T21:16:12.197Z
- CVSS Version: 3.1
- State: PUBLISHED
Threat ID: 696f9d594623b1157c3b5000
Added to database: 1/20/2026, 3:20:57 PM
Last enriched: 1/20/2026, 3:36:44 PM
Last updated: 1/20/2026, 7:49:25 PM