Ibm

Sterling File Gateway

81 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
6.5

CVE-2015-0194

  • EPSS 0.19%
  • Veröffentlicht 02.08.2017 19:29:00
  • Zuletzt bearbeitet 20.04.2025 01:37:25

XML External Entity (XXE) vulnerability in IBM Sterling B2B Integrator 5.1 and 5.2 and IBM Sterling File Gateway 2.1 and 2.2 allows remote attackers to read arbitrary files via a crafted XML data.

5

CVE-2014-6199

  • EPSS 1.88%
  • Veröffentlicht 10.01.2015 02:59:27
  • Zuletzt bearbeitet 12.04.2025 10:46:40

The HTTP Server Adapter in IBM Sterling B2B Integrator 5.1 and 5.2.x and Sterling File Gateway 2.1 and 2.2 allows remote attackers to cause a denial of service (connection-slot exhaustion) via a crafted HTTP request.

4.3

CVE-2013-5413

  • EPSS 0.27%
  • Veröffentlicht 21.12.2013 14:22:57
  • Zuletzt bearbeitet 11.04.2025 00:51:21

IBM Sterling B2B Integrator 5.2 and Sterling File Gateway 2.2 do not invalidate a session upon a logout action, which allows remote attackers to bypass authentication by leveraging an unattended workstation.

4.3

CVE-2013-5411

  • EPSS 0.25%
  • Veröffentlicht 21.12.2013 14:22:56
  • Zuletzt bearbeitet 11.04.2025 00:51:21

IBM Sterling B2B Integrator 5.2 and Sterling File Gateway 2.2 allow remote attackers to inject links and trigger unintended navigation or actions via unspecified vectors.

6.5

CVE-2013-5409

  • EPSS 0.31%
  • Veröffentlicht 21.12.2013 14:22:56
  • Zuletzt bearbeitet 11.04.2025 00:51:21

Multiple SQL injection vulnerabilities in IBM Sterling B2B Integrator 5.2 and Sterling File Gateway 2.2 allow remote authenticated users to execute arbitrary SQL commands via unspecified vectors.

4.9

CVE-2013-5407

  • EPSS 0.15%
  • Veröffentlicht 21.12.2013 14:22:56
  • Zuletzt bearbeitet 11.04.2025 00:51:21

IBM Sterling B2B Integrator 5.2 and Sterling File Gateway 2.2 do not properly restrict use of FRAME elements, which allows remote authenticated users to bypass intended access restrictions or obtain sensitive information via a crafted web site, relat...

3.5

CVE-2013-5406

  • EPSS 0.18%
  • Veröffentlicht 21.12.2013 14:22:56
  • Zuletzt bearbeitet 11.04.2025 00:51:21

Multiple cross-site scripting (XSS) vulnerabilities in IBM Sterling B2B Integrator 5.2 and Sterling File Gateway 2.2 allow remote authenticated users to inject arbitrary web script or HTML via unspecified parameters, leading to improper interaction w...

3.5

CVE-2013-5405

  • EPSS 0.18%
  • Veröffentlicht 21.12.2013 14:22:56
  • Zuletzt bearbeitet 11.04.2025 00:51:21

Multiple cross-site scripting (XSS) vulnerabilities in IBM Sterling B2B Integrator 5.2 and Sterling File Gateway 2.2 allow remote authenticated users to inject arbitrary web script or HTML via unspecified parameters.

7.1

CVE-2013-4002

  • EPSS 1.42%
  • Veröffentlicht 23.07.2013 11:03:19
  • Zuletzt bearbeitet 11.04.2025 00:51:21

XMLscanner.java in Apache Xerces2 Java Parser before 2.12.0, as used in the Java Runtime Environment (JRE) in IBM Java 5.0 before 5.0 SR16-FP3, 6 before 6 SR14, 6.0.1 before 6.0.1 SR6, and 7 before 7 SR5 as well as Oracle Java SE 7u40 and earlier, Ja...

4

CVE-2013-2987

  • EPSS 0.16%
  • Veröffentlicht 03.07.2013 13:54:31
  • Zuletzt bearbeitet 11.04.2025 00:51:21

IBM Sterling B2B Integrator 5.1 and 5.2 and Sterling File Gateway 2.1 and 2.2 allow remote authenticated users to obtain sensitive information about application implementation via unspecified vectors, a different vulnerability than CVE-2013-0463, CVE...