Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
ibm sterling file gateway - vulnerabilities and exploits
(subscribe to this query)
5.3
CVSSv3
CVE-2017-1548
IBM Sterling File Gateway 2.2 could allow a remote malicious user to traverse directories on the system. An attacker could send a specially-crafted URL request containing "dot dot" sequences (/../) to view arbitrary files on the system. IBM X-Force ID: 131288.
Ibm Sterling File Gateway 2.2
6.5
CVSSv3
CVE-2017-1550
IBM Sterling File Gateway 2.2 could allow an authenticated user to change other user's passwords. IBM X-Force ID: 131290.
Ibm Sterling File Gateway 2.2
NA
CVE-2014-6199
The HTTP Server Adapter in IBM Sterling B2B Integrator 5.1 and 5.2.x and Sterling File Gateway 2.1 and 2.2 allows remote malicious users to cause a denial of service (connection-slot exhaustion) via a crafted HTTP request.
Ibm Sterling B2b Integrator 5.2.4.2
Ibm Sterling B2b Integrator 5.2.4.1
Ibm Sterling B2b Integrator 5.2
Ibm Sterling B2b Integrator 5.2.2
Ibm Sterling B2b Integrator 5.2.1
Ibm Sterling B2b Integrator 5.2.4
Ibm Sterling B2b Integrator 5.1
Ibm Sterling B2b Integrator 5.2.5.0
Ibm Sterling File Gateway 2.1
Ibm Sterling File Gateway 2.2
7.5
CVSSv3
CVE-2021-20584
IBM Sterling File Gateway 2.2.0.0 up to and including 6.1.1.0 could allow a remote malicious user to upload arbitrary files, caused by improper access controls. IBM X-Force ID: 199397.
Ibm Sterling B2b Integrator
4.3
CVSSv3
CVE-2021-20376
IBM Sterling File Gateway 2.2.0.0 up to and including 6.1.1.0 could allow an authenticated malicious user to enumerate usernames due to there being an observable discrepancy in returned messages. IBM X-Force ID: 195568.
Ibm Sterling B2b Integrator
4.3
CVSSv3
CVE-2021-20372
IBM Sterling File Gateway 2.2.0.0 up to and including 6.1.1.0 could allow a remote authenticated user to cause a denial of another user's service due to insufficient permission checking. IBM X-Force ID: 195518.
Ibm Sterling B2b Integrator
6.5
CVSSv3
CVE-2021-20375
IBM Sterling File Gateway 2.2.0.0 up to and including 6.1.1.0 could allow an authenticated user to intercept and replace a message sent by another user due to improper access controls. IBM X-Force ID: 195567.
Ibm Sterling B2b Integrator
6.1
CVSSv3
CVE-2021-20561
IBM Sterling File Gateway 2.2.0.0 up to and including 6.1.1.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a tr...
Ibm Sterling B2b Integrator
4.3
CVSSv3
CVE-2017-1326
IBM Sterling File Gateway does not properly restrict user requests based on permission level. This allows for users to update data related to other users, by manipulating the parameters passed in the POST request. IBM X-Force ID: 126060.
Ibm Sterling B2b Integrator 5.2
NA
CVE-2023-47714
IBM Sterling File Gateway 6.0.0.0 up to and including 6.0.3.9, 6.1.0.0 up to and including 6.1.2.3, and 6.2.0.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potenti...
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
deserialization
CVE-2024-4541
CVE-2024-3080
CVE-2024-4787
log injection
CVE-2024-5967
inject
CVE-2024-30078
CVE-2024-5899
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
2
3
4
5
6
7