Ibm

Sterling File Gateway

85 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
5.4

CVE-2023-47714

  • EPSS 0.07%
  • Veröffentlicht 12.04.2024 13:15:14
  • Zuletzt bearbeitet 07.03.2025 12:36:39

IBM Sterling File Gateway 6.0.0.0 through 6.0.3.9, 6.1.0.0 through 6.1.2.3, and 6.2.0.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality p...

5.3

CVE-2021-39086

  • EPSS 0.1%
  • Veröffentlicht 16.08.2022 19:15:08
  • Zuletzt bearbeitet 21.11.2024 06:18:34

IBM Sterling File Gateway 6.0.0.0 through 6.0.3.5, 6.1.0.0 through 6.1.0.4, and 6.1.1.0 through 6.1.1.1 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This information...

6.5

CVE-2020-4654

  • EPSS 0.31%
  • Veröffentlicht 08.10.2021 18:15:07
  • Zuletzt bearbeitet 21.11.2024 05:33:03

IBM Sterling File Gateway 2.2.0.0 through 6.1.1.0 could allow an authenticated user to obtain sensitive information due to improper permission control. IBM X-Force ID: 186090.

4.3

CVE-2021-20552

  • EPSS 0.11%
  • Veröffentlicht 07.10.2021 18:15:08
  • Zuletzt bearbeitet 21.11.2024 05:46:45

IBM Sterling File Gateway 6.0.0.0 through 6.1.1.0 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This information could be used in further attacks against the system. ...

8.8

CVE-2021-20489

  • EPSS 0.09%
  • Veröffentlicht 07.10.2021 18:15:08
  • Zuletzt bearbeitet 21.11.2024 05:46:39

IBM Sterling File Gateway 2.2.0.0 through 6.1.1.0 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. IBM X-Force ID: 197790.

6.1

CVE-2021-20481

  • EPSS 0.16%
  • Veröffentlicht 07.10.2021 18:15:08
  • Zuletzt bearbeitet 21.11.2024 05:46:38

IBM Sterling File Gateway 2.2.0.0 through 6.1.1.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disc...

6.5

CVE-2021-20473

  • EPSS 0.09%
  • Veröffentlicht 07.10.2021 18:15:07
  • Zuletzt bearbeitet 21.11.2024 05:46:37

IBM Sterling File Gateway User Interface 2.2.0.0 through 6.1.1.0 does not invalidate session after logout which could allow an authenticated user to impersonate another user on the system. IBM X-Force ID: 196944.

4.3

CVE-2021-20563

  • EPSS 0.12%
  • Veröffentlicht 23.09.2021 17:15:11
  • Zuletzt bearbeitet 21.11.2024 05:46:46

IBM Sterling File Gateway 2.2.0.0 through 6.1.0.3 could allow a remote authenciated user to obtain sensitive information. By sending a specially crafted request, the user could disclose a valid filepath on the server which could be used in further at...

4.3

CVE-2021-20485

  • EPSS 0.11%
  • Veröffentlicht 23.09.2021 17:15:11
  • Zuletzt bearbeitet 21.11.2024 05:46:39

IBM Sterling File Gateway 2.2.0.0 through 6.1.0.3 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This information could be used in further attacks against the system. ...

5.4

CVE-2021-20484

  • EPSS 0.16%
  • Veröffentlicht 23.09.2021 17:15:11
  • Zuletzt bearbeitet 21.11.2024 05:46:39

IBM Sterling File Gateway 2.2.0.0 through 6.1.0.3 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disc...