Sterling File Gateway Security Vulnerabilities and Issues — Sterling File Gateway CVE List

Lucene search

IbmSterling File Gateway

6 matches found

CVE•added 2013/12/21 2:22 p.m.•44 views

CVE-2013-5405

Multiple cross-site scripting (XSS) vulnerabilities in IBM Sterling B2B Integrator 5.2 and Sterling File Gateway 2.2 allow remote authenticated users to inject arbitrary web script or HTML via unspecified parameters.

3.5CVSS5.3AI score0.0018EPSS

CVE•added 2013/12/21 2:22 p.m.•40 views

CVE-2013-5406

3.5CVSS5.3AI score0.0018EPSS

CVE•added 2013/12/21 2:22 p.m.•40 views

CVE-2013-5409

Multiple SQL injection vulnerabilities in IBM Sterling B2B Integrator 5.2 and Sterling File Gateway 2.2 allow remote authenticated users to execute arbitrary SQL commands via unspecified vectors.

6.5CVSS8.1AI score0.00314EPSS

CVE•added 2013/12/21 2:22 p.m.•39 views

CVE-2013-5413

IBM Sterling B2B Integrator 5.2 and Sterling File Gateway 2.2 do not invalidate a session upon a logout action, which allows remote attackers to bypass authentication by leveraging an unattended workstation.

4.3CVSS7AI score0.00265EPSS

CVE•added 2013/12/21 2:22 p.m.•38 views

CVE-2013-5411

IBM Sterling B2B Integrator 5.2 and Sterling File Gateway 2.2 allow remote attackers to inject links and trigger unintended navigation or actions via unspecified vectors.

4.3CVSS6.7AI score0.00246EPSS

CVE•added 2013/12/21 2:22 p.m.•37 views

CVE-2013-5407

IBM Sterling B2B Integrator 5.2 and Sterling File Gateway 2.2 do not properly restrict use of FRAME elements, which allows remote authenticated users to bypass intended access restrictions or obtain sensitive information via a crafted web site, related to a "frame injection" issue.

4.9CVSS5.8AI score0.00154EPSS