Ibm

Sterling File Gateway

81 vulnerabilities found.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
6.5

CVE-2015-0194

  • EPSS 0.19%
  • Published 02.08.2017 19:29:00
  • Last modified 20.04.2025 01:37:25

XML External Entity (XXE) vulnerability in IBM Sterling B2B Integrator 5.1 and 5.2 and IBM Sterling File Gateway 2.1 and 2.2 allows remote attackers to read arbitrary files via a crafted XML data.

5

CVE-2014-6199

  • EPSS 1.88%
  • Published 10.01.2015 02:59:27
  • Last modified 12.04.2025 10:46:40

The HTTP Server Adapter in IBM Sterling B2B Integrator 5.1 and 5.2.x and Sterling File Gateway 2.1 and 2.2 allows remote attackers to cause a denial of service (connection-slot exhaustion) via a crafted HTTP request.

4.3

CVE-2013-5413

  • EPSS 0.27%
  • Published 21.12.2013 14:22:57
  • Last modified 11.04.2025 00:51:21

IBM Sterling B2B Integrator 5.2 and Sterling File Gateway 2.2 do not invalidate a session upon a logout action, which allows remote attackers to bypass authentication by leveraging an unattended workstation.

4.3

CVE-2013-5411

  • EPSS 0.25%
  • Published 21.12.2013 14:22:56
  • Last modified 11.04.2025 00:51:21

IBM Sterling B2B Integrator 5.2 and Sterling File Gateway 2.2 allow remote attackers to inject links and trigger unintended navigation or actions via unspecified vectors.

6.5

CVE-2013-5409

  • EPSS 0.31%
  • Published 21.12.2013 14:22:56
  • Last modified 11.04.2025 00:51:21

Multiple SQL injection vulnerabilities in IBM Sterling B2B Integrator 5.2 and Sterling File Gateway 2.2 allow remote authenticated users to execute arbitrary SQL commands via unspecified vectors.

4.9

CVE-2013-5407

  • EPSS 0.15%
  • Published 21.12.2013 14:22:56
  • Last modified 11.04.2025 00:51:21

IBM Sterling B2B Integrator 5.2 and Sterling File Gateway 2.2 do not properly restrict use of FRAME elements, which allows remote authenticated users to bypass intended access restrictions or obtain sensitive information via a crafted web site, relat...

3.5

CVE-2013-5406

  • EPSS 0.18%
  • Published 21.12.2013 14:22:56
  • Last modified 11.04.2025 00:51:21

Multiple cross-site scripting (XSS) vulnerabilities in IBM Sterling B2B Integrator 5.2 and Sterling File Gateway 2.2 allow remote authenticated users to inject arbitrary web script or HTML via unspecified parameters, leading to improper interaction w...

3.5

CVE-2013-5405

  • EPSS 0.18%
  • Published 21.12.2013 14:22:56
  • Last modified 11.04.2025 00:51:21

Multiple cross-site scripting (XSS) vulnerabilities in IBM Sterling B2B Integrator 5.2 and Sterling File Gateway 2.2 allow remote authenticated users to inject arbitrary web script or HTML via unspecified parameters.

7.1

CVE-2013-4002

  • EPSS 1.42%
  • Published 23.07.2013 11:03:19
  • Last modified 11.04.2025 00:51:21

XMLscanner.java in Apache Xerces2 Java Parser before 2.12.0, as used in the Java Runtime Environment (JRE) in IBM Java 5.0 before 5.0 SR16-FP3, 6 before 6 SR14, 6.0.1 before 6.0.1 SR6, and 7 before 7 SR5 as well as Oracle Java SE 7u40 and earlier, Ja...

4

CVE-2013-2987

  • EPSS 0.16%
  • Published 03.07.2013 13:54:31
  • Last modified 11.04.2025 00:51:21

IBM Sterling B2B Integrator 5.1 and 5.2 and Sterling File Gateway 2.1 and 2.2 allow remote authenticated users to obtain sensitive information about application implementation via unspecified vectors, a different vulnerability than CVE-2013-0463, CVE...