Ibm

Sterling File Gateway

85 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
7.5

CVE-2025-36134

  • EPSS 0.04%
  • Veröffentlicht 25.11.2025 14:40:55
  • Zuletzt bearbeitet 01.12.2025 15:05:10

IBM Sterling B2B Integrator and IBM Sterling File Gateway 6.0.0.0 through 6.1.2.7 and 6.2.0.0 through 6.2.0.5 and 6.2.1.1 could disclose sensitive information due to a missing or insecure SameSite attribute for a sensitive cookie.

5.3

CVE-2025-36112

  • EPSS 0.03%
  • Veröffentlicht 24.11.2025 18:25:03
  • Zuletzt bearbeitet 01.12.2025 16:05:56

IBM Sterling B2B Integrator and IBM Sterling File Gateway 6.0.0.0 through 6.1.2.7 and 6.2.0.0 through 6.2.0.5 and 6.2.1.1 could reveal sensitive server IP configuration information to an unauthorized user.

5.4

CVE-2025-36135

  • EPSS 0.03%
  • Veröffentlicht 07.11.2025 18:26:57
  • Zuletzt bearbeitet 12.11.2025 16:20:22

IBM Sterling B2B Integrator 6.0.0.0 through 6.1.2.7_1, 6.2.0.0 through 6.2.0.5, and 6.2.1.0 and IBM Sterling File Gateway 6.0.0.0 through 6.1.2.7_1, 6.2.0.0 through 6.2.0.5, and 6.2.1.0 is vulnerable to cross-site scripting. This vulnerability allows...

5.5

CVE-2025-36002

  • EPSS 0.01%
  • Veröffentlicht 16.10.2025 14:54:53
  • Zuletzt bearbeitet 25.10.2025 02:15:39

IBM Sterling B2B Integrator 6.2.0.0 through 6.2.0.5, and 6.2.1.0 and IBM Sterling File Gateway 6.2.0.0 through 6.2.0.5, and 6.2.1.0 stores user credentials in configuration files which can be read by a local user.

4.9

CVE-2025-2667

  • EPSS 0.04%
  • Veröffentlicht 04.09.2025 14:45:23
  • Zuletzt bearbeitet 10.09.2025 17:19:28

IBM Sterling B2B Integrator 6.0.0.0 through 6.1.2.7_1 and 6.2.0.0 through 6.2.0.4 and IBM Sterling File Gateway 6.0.0.0 through 6.1.2.7_1 and 6.2.0.0 through 6.2.0.4 could disclose sensitive system information about the server to a privileged user th...

4.8

CVE-2025-2694

  • EPSS 0.03%
  • Veröffentlicht 04.09.2025 14:43:26
  • Zuletzt bearbeitet 10.09.2025 17:15:33

IBM Sterling B2B Integrator 6.0.0.0 through 6.1.2.7_1 and 6.2.0.0 through 6.2.0.4 and IBM Sterling File Gateway 6.0.0.0 through 6.1.2.7_1 and 6.2.0.0 through 6.2.0.4 is vulnerable to cross-site scripting. This vulnerability allows a privileged user t...

6.5

CVE-2025-2988

  • EPSS 0.04%
  • Veröffentlicht 19.08.2025 19:15:58
  • Zuletzt bearbeitet 17.09.2025 17:56:23

IBM Sterling B2B Integrator and IBM Sterling File Gateway 6.0.0.0 through 6.1.2.7, 6.2.0.0 through 6.2.0.4, and 6.2.1.0 could disclose sensitive server information to an unauthorized user that could aid in further attacks against the system.

5.4

CVE-2025-33008

  • EPSS 0.04%
  • Veröffentlicht 19.08.2025 19:03:36
  • Zuletzt bearbeitet 18.09.2025 15:34:07

IBM Sterling B2B Integrator 6.2.1.0 and IBM Sterling File Gateway 6.2.1.0 is vulnerable to cross-site scripting. This vulnerability allows an authenticated user to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality...

6.1

CVE-2025-33014

  • EPSS 0.05%
  • Veröffentlicht 18.07.2025 18:51:05
  • Zuletzt bearbeitet 02.08.2025 01:42:27

IBM Sterling B2B Integrator and IBM Sterling File Gateway 6.0.0.0 through 6.1.2.7 and 6.2.0.0 through 6.2.0.4 uses a web link with untrusted references to an external site. A remote attacker could exploit this vulnerability to expose sensitive inform...

4.3

CVE-2025-2827

  • EPSS 0.03%
  • Veröffentlicht 08.07.2025 15:15:27
  • Zuletzt bearbeitet 02.08.2025 01:22:49

IBM Sterling File Gateway 6.0.0.0 through 6.1.2.6, and 6.2.0.0 through 6.2.0.4 could disclose sensitive installation directory information to an authenticated user that could be used in further attacks against the system.