Sterling File Gateway Security Vulnerabilities and Issues — Sterling File Gateway CVE List

Lucene search

IbmSterling File Gateway

18 matches found

CVE•added 2025/01/27 4:15 p.m.•67 views

CVE-2023-52292

IBM Sterling File Gateway 6.0.0.0 through 6.1.2.5 and 6.2.0.0 through 6.2.0.3 is vulnerable to stored cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within ...

6.4CVSS6.1AI score0.00023EPSS

CVE•added 2017/12/11 9:29 p.m.•54 views

CVE-2017-1550

IBM Sterling File Gateway 2.2 could allow an authenticated user to change other user's passwords. IBM X-Force ID: 131290.

6.5CVSS6.2AI score0.00274EPSS

CVE•added 2013/07/03 1:54 p.m.•50 views

CVE-2013-0560

Multiple SQL injection vulnerabilities in IBM Sterling B2B Integrator 5.1 and 5.2 and Sterling File Gateway 2.1 and 2.2 allow remote authenticated users to execute arbitrary SQL commands via unspecified vectors, a different vulnerability than CVE-2012-5766.

6.5CVSS8AI score0.00302EPSS

CVE•added 2013/07/03 1:54 p.m.•43 views

CVE-2012-5766

Multiple SQL injection vulnerabilities in IBM Sterling B2B Integrator 5.1 and 5.2 and Sterling File Gateway 2.1 and 2.2 allow remote authenticated users to execute arbitrary SQL commands via vectors involving the RNVisibility page and unspecified screens, a different vulnerability than CVE-2013-056...

6.5CVSS8AI score0.00302EPSS

CVE•added 2013/07/03 1:54 p.m.•40 views

CVE-2013-0476

IBM Sterling B2B Integrator 5.1 and 5.2 and Sterling File Gateway 2.1 and 2.2 allow remote attackers to inject arbitrary FTP commands via unspecified vectors.

6.4CVSS7AI score0.00218EPSS

CVE•added 2013/12/21 2:22 p.m.•40 views

CVE-2013-5409

Multiple SQL injection vulnerabilities in IBM Sterling B2B Integrator 5.2 and Sterling File Gateway 2.2 allow remote authenticated users to execute arbitrary SQL commands via unspecified vectors.

6.5CVSS8.1AI score0.00314EPSS

CVE•added 2013/07/03 1:54 p.m.•39 views

CVE-2013-2982

IBM Sterling B2B Integrator 5.1 and 5.2 and Sterling File Gateway 2.1 and 2.2 allow remote authenticated users to upload arbitrary files via unspecified vectors.

6.5CVSS6.4AI score0.00349EPSS

CVE•added 2020/05/14 4:15 p.m.•38 views

CVE-2020-4259

IBM Sterling File Gateway 2.2.0.0 through 6.0.3.1 could allow an authenticated user could manipulate cookie information and remove or add modules from the cookie to access functionality not authorized to. IBM X-Force ID: 175638.

6.5CVSS6.1AI score0.00102EPSS

CVE•added 2021/10/08 6:15 p.m.•38 views

CVE-2020-4654

IBM Sterling File Gateway 2.2.0.0 through 6.1.1.0 could allow an authenticated user to obtain sensitive information due to improper permission control. IBM X-Force ID: 186090.

6.5CVSS6AI score0.00312EPSS

CVE•added 2017/12/07 3:29 p.m.•37 views

CVE-2017-1487

IBM Sterling File Gateway 2.2 could allow an authenticated attacker to obtain sensitive information such as login ids on the system. IBM X-Force ID: 128626.

6.5CVSS5.9AI score0.00239EPSS

CVE•added 2017/08/02 7:29 p.m.•35 views

CVE-2015-0194

XML External Entity (XXE) vulnerability in IBM Sterling B2B Integrator 5.1 and 5.2 and IBM Sterling File Gateway 2.1 and 2.2 allows remote attackers to read arbitrary files via a crafted XML data.

6.5CVSS6.2AI score0.00194EPSS

CVE•added 2013/07/03 1:54 p.m.•32 views

CVE-2013-2984

Directory traversal vulnerability in IBM Sterling B2B Integrator 5.1 and 5.2 and Sterling File Gateway 2.1 and 2.2 allows remote authenticated users to read or modify files via unspecified vectors.

6.5CVSS6.1AI score0.00469EPSS

CVE•added 2021/10/07 6:15 p.m.•32 views

CVE-2021-20473

IBM Sterling File Gateway User Interface 2.2.0.0 through 6.1.1.0 does not invalidate session after logout which could allow an authenticated user to impersonate another user on the system. IBM X-Force ID: 196944.

6.5CVSS6.2AI score0.00089EPSS

CVE•added 2021/10/07 6:15 p.m.•32 views

CVE-2021-20481

IBM Sterling File Gateway 2.2.0.0 through 6.1.1.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: ...

6.1CVSS5.8AI score0.00214EPSS

CVE•added 2021/10/07 6:15 p.m.•30 views

CVE-2021-20561

6.1CVSS5.8AI score0.00214EPSS

CVE•added 2020/12/16 9:15 p.m.•29 views

CVE-2020-4658

IBM Sterling File Gateway 2.2.0.0 through 6.0.3.2 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: ...

6.1CVSS5.8AI score0.00188EPSS

CVE•added 2021/10/07 6:15 p.m.•24 views

CVE-2021-20375

IBM Sterling File Gateway 2.2.0.0 through 6.1.1.0 could allow an authenticated user to intercept and replace a message sent by another user due to improper access controls. IBM X-Force ID: 195567.

6.5CVSS6.2AI score0.00133EPSS

CVE•added 2025/07/08 3:15 p.m.•6 views

CVE-2025-3630

IBM Sterling B2B Integrator 6.0.0.0 through 6.1.2.6, 6.2.0.0 through 6.2.0.4, IBM Sterling File Gateway 6.0.0.0 through 6.1.2.6, and 6.2.0.0 through 6.2.0.4 is vulnerable to stored cross-site scripting. This vulnerability allows authenticated users to embed arbitrary JavaScript code in the Web UI t...

6.4CVSS6.1AI score0.00029EPSS