Product:

Sterling_file_gateway

(Ibm)
Repositories

Unknown:

This might be proprietary software.

#Vulnerabilities 64
Date Id Summary Products Score Patch Annotated
2018-07-20 CVE-2017-1575 IBM Sterling B2B Integrator Standard Edition (IBM Sterling File Gateway 2.2.0 through 2.2.6) uses weaker than expected cryptographic algorithms that could allow a local attacker to decrypt highly sensitive information. IBM X-Force ID: 132032. Sterling_file_gateway 5.5
2018-07-20 CVE-2017-1544 IBM Sterling B2B Integrator Standard Edition (IBM Sterling File Gateway 2.2.0 through 2.2.6) caches usernames and passwords in browsers that could be used by a local attacker to obtain sensitive information. IBM X-Force ID: 130812. Sterling_file_gateway 7.8
2017-12-11 CVE-2017-1550 IBM Sterling File Gateway 2.2 could allow an authenticated user to change other user's passwords. IBM X-Force ID: 131290. Sterling_file_gateway 6.5
2017-12-11 CVE-2017-1632 IBM Sterling File Gateway 2.2 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 133178. Sterling_file_gateway 5.4
2017-12-11 CVE-2017-1549 IBM Sterling File Gateway 2.2 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 131289. Sterling_file_gateway 5.4
2017-12-11 CVE-2017-1548 IBM Sterling File Gateway 2.2 could allow a remote attacker to traverse directories on the system. An attacker could send a specially-crafted URL request containing "dot dot" sequences (/../) to view arbitrary files on the system. IBM X-Force ID: 131288. Sterling_file_gateway 5.3
2017-12-07 CVE-2017-1497 IBM Sterling File Gateway 2.2 could allow an unauthorized user to view files they should not have access to providing they know the directory location of the file. IBM X-Force ID: 128695. Sterling_file_gateway 3.7
2017-12-07 CVE-2017-1487 IBM Sterling File Gateway 2.2 could allow an authenticated attacker to obtain sensitive information such as login ids on the system. IBM X-Force ID: 128626. Sterling_file_gateway 6.5
2017-08-02 CVE-2015-0194 XML External Entity (XXE) vulnerability in IBM Sterling B2B Integrator 5.1 and 5.2 and IBM Sterling File Gateway 2.1 and 2.2 allows remote attackers to read arbitrary files via a crafted XML data. Sterling_b2b_integrator, Sterling_file_gateway 6.5
2015-01-10 CVE-2014-6199 The HTTP Server Adapter in IBM Sterling B2B Integrator 5.1 and 5.2.x and Sterling File Gateway 2.1 and 2.2 allows remote attackers to cause a denial of service (connection-slot exhaustion) via a crafted HTTP request. Sterling_b2b_integrator, Sterling_file_gateway N/A