IBM Sterling File Gateway 6.0.3.4

CPE Details

IBM Sterling File Gateway 6.0.3.4
ibm
sterling_file_gateway
6.0.3.4
2021-10-13
13h59 +00:00
2021-10-13
21h39 +00:00
CPE NVD
Alerte pour un CPE
Stay informed of any changes for a specific CPE.
Notifications manage

CPE Name: cpe:2.3:a:ibm:sterling_file_gateway:6.0.3.4:*:*:*:*:*:*:*

Informations

Vendor

ibm

Product

sterling_file_gateway

Version

6.0.3.4

Related CVE

Open and find in CVE List

CVE ID Published Description Score Severity
CVE-2021-39086 2022-08-16
18h45 +00:00		 IBM Sterling File Gateway 6.0.0.0 through 6.0.3.5, 6.1.0.0 through 6.1.0.4, and 6.1.1.0 through 6.1.1.1 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This information could be used in further attacks against the system. IBM X-Force ID: 215889.
5.3
Medium
CVE-2020-4654 2021-10-08
17h20 +00:00		 IBM Sterling File Gateway 2.2.0.0 through 6.1.1.0 could allow an authenticated user to obtain sensitive information due to improper permission control. IBM X-Force ID: 186090.
6.5
Medium
CVE-2021-20552 2021-10-07
18h05 +00:00		 IBM Sterling File Gateway 6.0.0.0 through 6.1.1.0 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This information could be used in further attacks against the system. IBM X-Force ID: 199170.
4.3
Medium
CVE-2021-20489 2021-10-07
18h05 +00:00		 IBM Sterling File Gateway 2.2.0.0 through 6.1.1.0 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. IBM X-Force ID: 197790.
8.8
High
CVE-2021-20481 2021-10-07
18h05 +00:00		 IBM Sterling File Gateway 2.2.0.0 through 6.1.1.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 197503.
6.1
Medium
CVE-2021-20473 2021-10-07
18h05 +00:00		 IBM Sterling File Gateway User Interface 2.2.0.0 through 6.1.1.0 does not invalidate session after logout which could allow an authenticated user to impersonate another user on the system. IBM X-Force ID: 196944.
6.5
Medium
CVE-2021-20563 2021-09-23
17h10 +00:00		 IBM Sterling File Gateway 2.2.0.0 through 6.1.0.3 could allow a remote authenciated user to obtain sensitive information. By sending a specially crafted request, the user could disclose a valid filepath on the server which could be used in further attacks against the system. IBM X-Force ID: 199234.
4.3
Medium
CVE-2021-20485 2021-09-23
17h10 +00:00		 IBM Sterling File Gateway 2.2.0.0 through 6.1.0.3 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This information could be used in further attacks against the system. IBM X-Force ID: 197667.
4.3
Medium
CVE-2021-20484 2021-09-23
17h10 +00:00		 IBM Sterling File Gateway 2.2.0.0 through 6.1.0.3 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 197666.
5.4
Medium