Sterling File Gateway@* Security Vulnerabilities and Issues — Sterling File Gateway@* CVE List

Lucene search

IbmSterling File Gateway*

8 matches found

CVE•added 2025/01/27 4:15 p.m.•84 views

CVE-2023-47159

IBM Sterling File Gateway 6.0.0.0 through 6.1.2.5 and 6.2.0.0 through 6.2.0.1 could allow an authenticated user to enumerate usernames due to an observable discrepancy in request responses.

4.3CVSS6.5AI score0.00037EPSS

CVE•added 2025/01/27 4:15 p.m.•67 views

CVE-2023-52292

IBM Sterling File Gateway 6.0.0.0 through 6.1.2.5 and 6.2.0.0 through 6.2.0.3 is vulnerable to stored cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within ...

6.4CVSS6.1AI score0.00023EPSS

CVE•added 2025/01/27 4:15 p.m.•53 views

CVE-2024-22316

IBM Sterling File Gateway 6.0.0.0 through 6.1.2.5 and 6.2.0.0 through 6.2.0.1 could allow an authenticated user to perform unauthorized actions to another user's data due to improper access controls.

4.3CVSS6.6AI score0.00037EPSS

CVE•added 2025/03/10 4:15 p.m.•40 views

CVE-2024-47109

IBM Sterling File Gateway 6.0.0.0 through 6.1.2.6 and 6.2.0.0 through 6.2.0.3 UI could disclosure the installation path of the server which could aid in further attacks against the system.

5.3CVSS6.8AI score0.00049EPSS

CVE•added 2025/07/08 3:15 p.m.•6 views

CVE-2025-2827

IBM Sterling File Gateway 6.0.0.0 through 6.1.2.6, and 6.2.0.0 through 6.2.0.4 could disclose sensitive installation directory information to an authenticated user that could be used in further attacks against the system.

4.3CVSS6.1AI score0.00027EPSS

CVE•added 2025/07/08 3:15 p.m.•6 views

CVE-2025-3630

IBM Sterling B2B Integrator 6.0.0.0 through 6.1.2.6, 6.2.0.0 through 6.2.0.4, IBM Sterling File Gateway 6.0.0.0 through 6.1.2.6, and 6.2.0.0 through 6.2.0.4 is vulnerable to stored cross-site scripting. This vulnerability allows authenticated users to embed arbitrary JavaScript code in the Web UI t...

6.4CVSS6.1AI score0.00029EPSS

CVE•added 2025/07/08 3:15 p.m.•5 views

CVE-2025-2793

IBM Sterling B2B Integrator 6.0.0.0 through 6.1.2.6, 6.2.0.0 through 6.2.0.4, IBM Sterling File Gateway 6.0.0.0 through 6.1.2.6, and 6.2.0.0 through 6.2.0.4 is vulnerable to cross-site scripting. This vulnerability allows an authenticated user to embed arbitrary JavaScript code in the Web UI thus a...

5.4CVSS6.3AI score0.00026EPSS

CVE•added 6 days ago•3 views

CVE-2025-33014

IBM Sterling B2B Integrator and IBM Sterling File Gateway 6.0.0.0 through 6.1.2.7 and 6.2.0.0 through 6.2.0.4 uses a web link with untrusted references to an external site. A remote attacker could exploit this vulnerability to expose sensitive information or perform unauthorized actions on the vict...

5.4CVSS6.1AI score0.00028EPSS