Ibm

Sterling File Gateway

85 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
5.4

CVE-2025-2793

  • EPSS 0.02%
  • Veröffentlicht 08.07.2025 15:15:27
  • Zuletzt bearbeitet 02.08.2025 01:23:17

IBM Sterling B2B Integrator 6.0.0.0 through 6.1.2.6, 6.2.0.0 through 6.2.0.4, IBM Sterling File Gateway 6.0.0.0 through 6.1.2.6, and 6.2.0.0 through 6.2.0.4 is vulnerable to cross-site scripting. This vulnerability allows an authenticated user t...

5.4

CVE-2025-3630

  • EPSS 0.02%
  • Veröffentlicht 08.07.2025 14:51:24
  • Zuletzt bearbeitet 02.08.2025 01:22:01

IBM Sterling B2B Integrator 6.0.0.0 through 6.1.2.6, 6.2.0.0 through 6.2.0.4, IBM Sterling File Gateway 6.0.0.0 through 6.1.2.6, and 6.2.0.0 through 6.2.0.4 is vulnerable to stored cross-site scripting. This vulnerability allows authenticated user...

4.8

CVE-2025-1349

  • EPSS 0.02%
  • Veröffentlicht 18.06.2025 16:20:51
  • Zuletzt bearbeitet 25.07.2025 17:58:03

IBM Sterling B2B Integrator and IBM Sterling File Gateway 6.0.0.0 through 6.1.2.6 and 6.2.0.0 through 6.2.0.4 is vulnerable to stored cross-site scripting. This vulnerability allows a privileged user to embed arbitrary JavaScript code in the Web UI...

4

CVE-2025-1348

  • EPSS 0.01%
  • Veröffentlicht 18.06.2025 16:19:48
  • Zuletzt bearbeitet 25.07.2025 17:57:57

IBM Sterling B2B Integrator and IBM Sterling File Gateway 6.0.0.0 through 6.1.2.6 and 6.2.0.0 through 6.2.0.4 could allow a local user to obtain sensitive information from a user’s web browser cache due to not using a suitable caching policy.

4.3

CVE-2024-54172

  • EPSS 0.01%
  • Veröffentlicht 18.06.2025 16:13:10
  • Zuletzt bearbeitet 25.07.2025 17:57:51

IBM Sterling B2B Integrator and IBM Sterling File Gateway 6.0.0.0 through 6.1.2.6 and 6.2.0.0 through 6.2.0.4 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a u...

5.4

CVE-2024-54183

  • EPSS 0.02%
  • Veröffentlicht 18.06.2025 15:08:50
  • Zuletzt bearbeitet 25.07.2025 17:57:41

IBM Sterling B2B Integrator and IBM Sterling File Gateway 6.0.0.0 through 6.1.2.6 and 6.2.0.0 through 6.2.0.4 is vulnerable to cross-site scripting. This vulnerability allows an authenticated user to embed arbitrary JavaScript code in the Web UI thus...

5.3

CVE-2024-47109

  • EPSS 0.07%
  • Veröffentlicht 10.03.2025 16:01:42
  • Zuletzt bearbeitet 25.07.2025 18:11:23

IBM Sterling File Gateway 6.0.0.0 through 6.1.2.6 and 6.2.0.0 through 6.2.0.3 UI could disclosure the installation path of the server which could aid in further attacks against the system.

4.3

CVE-2024-22316

  • EPSS 0.07%
  • Veröffentlicht 27.01.2025 16:15:30
  • Zuletzt bearbeitet 29.09.2025 15:16:05

IBM Sterling File Gateway 6.0.0.0 through 6.1.2.5 and 6.2.0.0 through 6.2.0.1 could allow an authenticated user to perform unauthorized actions to another user's data due to improper access controls.

5.4

CVE-2023-52292

  • EPSS 0.04%
  • Veröffentlicht 27.01.2025 16:15:29
  • Zuletzt bearbeitet 06.11.2025 22:01:07

IBM Sterling File Gateway 6.0.0.0 through 6.1.2.5 and 6.2.0.0 through 6.2.0.3 is vulnerable to stored cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality pote...

4.3

CVE-2023-47159

  • EPSS 0.07%
  • Veröffentlicht 27.01.2025 16:15:29
  • Zuletzt bearbeitet 05.03.2025 14:08:19

IBM Sterling File Gateway 6.0.0.0 through 6.1.2.5 and 6.2.0.0 through 6.2.0.1 could allow an authenticated user to enumerate usernames due to an observable discrepancy in request responses.