Ibm

Sterling File Gateway

93 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
4.8

CVE-2025-1349

  • EPSS 0.03%
  • Veröffentlicht 18.06.2025 16:20:51
  • Zuletzt bearbeitet 25.07.2025 17:58:03

IBM Sterling B2B Integrator and IBM Sterling File Gateway 6.0.0.0 through 6.1.2.6 and 6.2.0.0 through 6.2.0.4 is vulnerable to stored cross-site scripting. This vulnerability allows a privileged user to embed arbitrary JavaScript code in the Web UI...

4

CVE-2025-1348

  • EPSS 0.02%
  • Veröffentlicht 18.06.2025 16:19:48
  • Zuletzt bearbeitet 25.07.2025 17:57:57

IBM Sterling B2B Integrator and IBM Sterling File Gateway 6.0.0.0 through 6.1.2.6 and 6.2.0.0 through 6.2.0.4 could allow a local user to obtain sensitive information from a user’s web browser cache due to not using a suitable caching policy.

4.3

CVE-2024-54172

  • EPSS 0.02%
  • Veröffentlicht 18.06.2025 16:13:10
  • Zuletzt bearbeitet 25.07.2025 17:57:51

IBM Sterling B2B Integrator and IBM Sterling File Gateway 6.0.0.0 through 6.1.2.6 and 6.2.0.0 through 6.2.0.4 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a u...

5.4

CVE-2024-54183

  • EPSS 0.04%
  • Veröffentlicht 18.06.2025 15:08:50
  • Zuletzt bearbeitet 25.07.2025 17:57:41

IBM Sterling B2B Integrator and IBM Sterling File Gateway 6.0.0.0 through 6.1.2.6 and 6.2.0.0 through 6.2.0.4 is vulnerable to cross-site scripting. This vulnerability allows an authenticated user to embed arbitrary JavaScript code in the Web UI thus...

5.3

CVE-2024-47109

  • EPSS 0.08%
  • Veröffentlicht 10.03.2025 16:01:42
  • Zuletzt bearbeitet 25.07.2025 18:11:23

IBM Sterling File Gateway 6.0.0.0 through 6.1.2.6 and 6.2.0.0 through 6.2.0.3 UI could disclosure the installation path of the server which could aid in further attacks against the system.

4.3

CVE-2024-22316

  • EPSS 0.09%
  • Veröffentlicht 27.01.2025 16:15:30
  • Zuletzt bearbeitet 29.09.2025 15:16:05

IBM Sterling File Gateway 6.0.0.0 through 6.1.2.5 and 6.2.0.0 through 6.2.0.1 could allow an authenticated user to perform unauthorized actions to another user's data due to improper access controls.

5.4

CVE-2023-52292

  • EPSS 0.1%
  • Veröffentlicht 27.01.2025 16:15:29
  • Zuletzt bearbeitet 06.11.2025 22:01:07

IBM Sterling File Gateway 6.0.0.0 through 6.1.2.5 and 6.2.0.0 through 6.2.0.3 is vulnerable to stored cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality pote...

4.3

CVE-2023-47159

  • EPSS 0.1%
  • Veröffentlicht 27.01.2025 16:15:29
  • Zuletzt bearbeitet 05.03.2025 14:08:19

IBM Sterling File Gateway 6.0.0.0 through 6.1.2.5 and 6.2.0.0 through 6.2.0.1 could allow an authenticated user to enumerate usernames due to an observable discrepancy in request responses.

5.4

CVE-2023-47714

  • EPSS 0.07%
  • Veröffentlicht 12.04.2024 13:15:14
  • Zuletzt bearbeitet 07.03.2025 12:36:39

IBM Sterling File Gateway 6.0.0.0 through 6.0.3.9, 6.1.0.0 through 6.1.2.3, and 6.2.0.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality p...

5.3

CVE-2021-39086

  • EPSS 0.1%
  • Veröffentlicht 16.08.2022 19:15:08
  • Zuletzt bearbeitet 21.11.2024 06:18:34

IBM Sterling File Gateway 6.0.0.0 through 6.0.3.5, 6.1.0.0 through 6.1.0.4, and 6.1.1.0 through 6.1.1.1 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This information...