Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
ibm sterling file gateway vulnerabilities and exploits
(subscribe to this query)
5
CVSSv2
CVE-2019-4423
IBM Sterling File Gateway 2.2.0.0 up to and including 6.0.1.0 could allow a remote malicious user to traverse directories on the system. An attacker could send a specially-crafted URL request containing "dot dot" sequences (/../) to view arbitrary files on the system. I...
Ibm Sterling File Gateway
5
CVSSv2
CVE-2020-4476
IBM Sterling File Gateway 2.2.0.0 up to and including 2.2.6.5 and 6.0.0.0 up to and including 6.0.3.2 could allow a remote malicious user to obtain sensitive information when a detailed technical error message is returned in the browser. This information could be used in further ...
Ibm Sterling File Gateway
4
CVSSv2
CVE-2020-4654
IBM Sterling File Gateway 2.2.0.0 up to and including 6.1.1.0 could allow an authenticated user to obtain sensitive information due to improper permission control. IBM X-Force ID: 186090.
Ibm Sterling File Gateway
4.3
CVSSv2
CVE-2020-4665
IBM Sterling File Gateway 2.2.0.0 up to and including 2.2.6.5 and 6.0.0.0 up to and including 6.0.3.2 does not set the secure attribute on authorization tokens or session cookies. Attackers may be able to get the cookie values by sending a http:// link to a user or by planting th...
Ibm Sterling File Gateway
5
CVSSv2
CVE-2018-1398
IBM Sterling File Gateway 2.2.0 up to and including 2.2.6 could allow a remote malicious user to download certain files that could contain sensitive information. IBM X-Force ID: 138434.
Ibm Sterling File Gateway
3.5
CVSSv2
CVE-2013-5405
Multiple cross-site scripting (XSS) vulnerabilities in IBM Sterling B2B Integrator 5.2 and Sterling File Gateway 2.2 allow remote authenticated users to inject arbitrary web script or HTML via unspecified parameters.
Ibm Sterling File Gateway 2.2
Ibm Sterling B2b Integrator 5.2
3.5
CVSSv2
CVE-2013-5406
Multiple cross-site scripting (XSS) vulnerabilities in IBM Sterling B2B Integrator 5.2 and Sterling File Gateway 2.2 allow remote authenticated users to inject arbitrary web script or HTML via unspecified parameters, leading to improper interaction with the Windows MHTML protocol...
Ibm Sterling File Gateway 2.2
Ibm Sterling B2b Integrator 5.2
4.9
CVSSv2
CVE-2013-5407
IBM Sterling B2B Integrator 5.2 and Sterling File Gateway 2.2 do not properly restrict use of FRAME elements, which allows remote authenticated users to bypass intended access restrictions or obtain sensitive information via a crafted web site, related to a "frame injection&...
Ibm Sterling File Gateway 2.2
Ibm Sterling B2b Integrator 5.2
6.5
CVSSv2
CVE-2013-5409
Multiple SQL injection vulnerabilities in IBM Sterling B2B Integrator 5.2 and Sterling File Gateway 2.2 allow remote authenticated users to execute arbitrary SQL commands via unspecified vectors.
Ibm Sterling File Gateway 2.2
Ibm Sterling B2b Integrator 5.2
4.3
CVSSv2
CVE-2013-5413
IBM Sterling B2B Integrator 5.2 and Sterling File Gateway 2.2 do not invalidate a session upon a logout action, which allows remote malicious users to bypass authentication by leveraging an unattended workstation.
Ibm Sterling B2b Integrator 5.2
Ibm Sterling File Gateway 2.2
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
SSTI
CVE-2024-35863
CVE-2024-35910
man-in-the-middle
CVE-2024-35912
CVE-2024-25742
LFI
CVE-2024-32002
CVE-2024-22120
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »