Ibm

Sterling File Gateway

81 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
4.3

CVE-2024-54172

  • EPSS 0.02%
  • Veröffentlicht 18.06.2025 16:13:10
  • Zuletzt bearbeitet 25.07.2025 17:57:51

IBM Sterling B2B Integrator and IBM Sterling File Gateway 6.0.0.0 through 6.1.2.6 and 6.2.0.0 through 6.2.0.4 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a u...

5.4

CVE-2024-54183

  • EPSS 0.05%
  • Veröffentlicht 18.06.2025 15:08:50
  • Zuletzt bearbeitet 25.07.2025 17:57:41

IBM Sterling B2B Integrator and IBM Sterling File Gateway 6.0.0.0 through 6.1.2.6 and 6.2.0.0 through 6.2.0.4 is vulnerable to cross-site scripting. This vulnerability allows an authenticated user to embed arbitrary JavaScript code in the Web UI thus...

5.3

CVE-2024-47109

  • EPSS 0.08%
  • Veröffentlicht 10.03.2025 16:01:42
  • Zuletzt bearbeitet 25.07.2025 18:11:23

IBM Sterling File Gateway 6.0.0.0 through 6.1.2.6 and 6.2.0.0 through 6.2.0.3 UI could disclosure the installation path of the server which could aid in further attacks against the system.

4.3

CVE-2024-22316

  • EPSS 0.05%
  • Veröffentlicht 27.01.2025 16:15:30
  • Zuletzt bearbeitet 29.09.2025 15:16:05

IBM Sterling File Gateway 6.0.0.0 through 6.1.2.5 and 6.2.0.0 through 6.2.0.1 could allow an authenticated user to perform unauthorized actions to another user's data due to improper access controls.

5.4

CVE-2023-52292

  • EPSS 0.03%
  • Veröffentlicht 27.01.2025 16:15:29
  • Zuletzt bearbeitet 05.03.2025 14:08:19

IBM Sterling File Gateway 6.0.0.0 through 6.1.2.5 and 6.2.0.0 through 6.2.0.3 is vulnerable to stored cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality pote...

4.3

CVE-2023-47159

  • EPSS 0.04%
  • Veröffentlicht 27.01.2025 16:15:29
  • Zuletzt bearbeitet 05.03.2025 14:08:19

IBM Sterling File Gateway 6.0.0.0 through 6.1.2.5 and 6.2.0.0 through 6.2.0.1 could allow an authenticated user to enumerate usernames due to an observable discrepancy in request responses.

5.4

CVE-2023-47714

  • EPSS 0.07%
  • Veröffentlicht 12.04.2024 13:15:14
  • Zuletzt bearbeitet 07.03.2025 12:36:39

IBM Sterling File Gateway 6.0.0.0 through 6.0.3.9, 6.1.0.0 through 6.1.2.3, and 6.2.0.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality p...

5.3

CVE-2021-39086

  • EPSS 0.1%
  • Veröffentlicht 16.08.2022 19:15:08
  • Zuletzt bearbeitet 21.11.2024 06:18:34

IBM Sterling File Gateway 6.0.0.0 through 6.0.3.5, 6.1.0.0 through 6.1.0.4, and 6.1.1.0 through 6.1.1.1 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This information...

6.5

CVE-2020-4654

  • EPSS 0.31%
  • Veröffentlicht 08.10.2021 18:15:07
  • Zuletzt bearbeitet 21.11.2024 05:33:03

IBM Sterling File Gateway 2.2.0.0 through 6.1.1.0 could allow an authenticated user to obtain sensitive information due to improper permission control. IBM X-Force ID: 186090.

4.3

CVE-2021-20552

  • EPSS 0.11%
  • Veröffentlicht 07.10.2021 18:15:08
  • Zuletzt bearbeitet 21.11.2024 05:46:45

IBM Sterling File Gateway 6.0.0.0 through 6.1.1.0 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This information could be used in further attacks against the system. ...