Lucene search
China National Vulnerability DatabaseCNVD-2021-82425HistoryOct 09, 2021 - 12:00 a.m.
IBM Sterling File Gateway Username Enumeration Vulnerability
2021-10-0900:00:00
China National Vulnerability Database
www.cnvd.org.cn
4
0.001 Low
EPSS
Percentile
19.6%
IBM Sterling File Gateway is an application for transferring files between internal and external partners, allowing you to more securely and reliably transfer files with trading partners. IBM Sterling File Gateway versions 2.2.0.0-5.2.6.5_3, 6.0.0.0-6.0.3.4, 6.1 Versions .0.0-6.1.0.1 have a username enumeration vulnerability. The vulnerability stems from a significant difference in the returned messages. An attacker could exploit this vulnerability to enumerate usernames.
| CPE | Name | Operator | Version |
|---|---|---|---|
| ibm ibm sterling file gateway >=6.1.0.0,<=6. | eq | 1.0.1 | |
| ibm ibm sterling file gateway >=6.0.0.0,<=6. | eq | 0.3.4 |
Related
cve
cve
CVE-2021-20376
2021-10-07 18:15:07
ibm
ibm
prion
prion
Buffer overflow
2021-10-07 18:15:00
cvelist
cvelist
CVE-2021-20376
2021-10-06 00:00:00
nvd
nvd
CVE-2021-20376
2021-10-07 18:15:07