Ibm Sterling_file_gateway
37 CVEs affecting Ibm Sterling_file_gateway. Latest disclosed: 2017-12-11. Critical: 0, High: 0.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2017-1550 | Medium | 6.5 | 2017-12-11 | IBM Sterling File Gateway 2.2 could allow an authenticated user to change other user's passwords. IBM X-Force ID: 131290. |
CVE-2017-1487 | Medium | 6.5 | 2017-12-07 | IBM Sterling File Gateway 2.2 could allow an authenticated attacker to obtain sensitive information such as login ids on the system. IBM X-Force ID: 128626. |
CVE-2015-0194 | Medium | 6.5 | 2017-08-02 | XML External Entity (XXE) vulnerability in IBM Sterling B2B Integrator 5.1 and 5.2 and IBM Sterling File Gateway 2.1 and 2.2 allows remote attackers to read ar… |
CVE-2017-1632 | Medium | 5.4 | 2017-12-11 | IBM Sterling File Gateway 2.2 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus alte… |
CVE-2017-1549 | Medium | 5.4 | 2017-12-11 | IBM Sterling File Gateway 2.2 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus alte… |
CVE-2017-1548 | Medium | 5.3 | 2017-12-11 | IBM Sterling File Gateway 2.2 could allow a remote attacker to traverse directories on the system. An attacker could send a specially-crafted URL request conta… |
CVE-2017-1497 | Low | 3.7 | 2017-12-07 | IBM Sterling File Gateway 2.2 could allow an unauthorized user to view files they should not have access to providing they know the directory location of the f… |
CVE-2014-6199 | | 2015-01-10 | The HTTP Server Adapter in IBM Sterling B2B Integrator 5.1 and 5.2.x and Sterling File Gateway 2.1 and 2.2 allows remote attackers to cause a denial of service… | |
CVE-2013-5413 | | 2013-12-21 | IBM Sterling B2B Integrator 5.2 and Sterling File Gateway 2.2 do not invalidate a session upon a logout action, which allows remote attackers to bypass authent… | |
CVE-2013-5411 | | 2013-12-21 | IBM Sterling B2B Integrator 5.2 and Sterling File Gateway 2.2 allow remote attackers to inject links and trigger unintended navigation or actions via unspecifi… | |
CVE-2013-5409 | | 2013-12-21 | Multiple SQL injection vulnerabilities in IBM Sterling B2B Integrator 5.2 and Sterling File Gateway 2.2 allow remote authenticated users to execute arbitrary S… | |
CVE-2013-5407 | | 2013-12-21 | IBM Sterling B2B Integrator 5.2 and Sterling File Gateway 2.2 do not properly restrict use of FRAME elements, which allows remote authenticated users to bypass… | |
CVE-2013-5406 | | 2013-12-21 | Multiple cross-site scripting (XSS) vulnerabilities in IBM Sterling B2B Integrator 5.2 and Sterling File Gateway 2.2 allow remote authenticated users to inject… | |
CVE-2013-5405 | | 2013-12-21 | Multiple cross-site scripting (XSS) vulnerabilities in IBM Sterling B2B Integrator 5.2 and Sterling File Gateway 2.2 allow remote authenticated users to inject… | |
CVE-2013-4002 | | 2013-07-23 | XMLscanner.java in Apache Xerces2 Java Parser before 2.12.0, as used in the Java Runtime Environment (JRE) in IBM Java 5.0 before 5.0 SR16-FP3, 6 before 6 SR14… | |
CVE-2013-3020 | | 2013-07-03 | IBM Sterling B2B Integrator 5.1 and 5.2 and Sterling File Gateway 2.1 and 2.2 allow remote authenticated users to obtain sensitive information about applicatio… | |
CVE-2013-2987 | | 2013-07-03 | IBM Sterling B2B Integrator 5.1 and 5.2 and Sterling File Gateway 2.1 and 2.2 allow remote authenticated users to obtain sensitive information about applicatio… | |
CVE-2013-2985 | | 2013-07-03 | IBM Sterling B2B Integrator 5.1 and 5.2 and Sterling File Gateway 2.1 and 2.2 allow remote authenticated users to obtain sensitive information about applicatio… | |
CVE-2013-2984 | | 2013-07-03 | Directory traversal vulnerability in IBM Sterling B2B Integrator 5.1 and 5.2 and Sterling File Gateway 2.1 and 2.2 allows remote authenticated users to read or… | |
CVE-2013-2982 | | 2013-07-03 | IBM Sterling B2B Integrator 5.1 and 5.2 and Sterling File Gateway 2.1 and 2.2 allow remote authenticated users to upload arbitrary files via unspecified vector… |