Vulnerabilities > IBM > Sterling File Gateway > 2.2.0

DATE CVE VULNERABILITY TITLE RISK
2019-09-16 CVE-2019-4147 SQL Injection vulnerability in IBM Sterling File Gateway
IBM Sterling File Gateway 2.2.0.0 through 6.0.1.0 is vulnerable to SQL injection.
network
low complexity
ibm CWE-89
7.2
2018-07-20 CVE-2018-1563 Cross-site Scripting vulnerability in IBM Sterling B2B Integrator and Sterling File Gateway
IBM Sterling B2B Integrator Standard Edition (IBM Sterling File Gateway 2.2.0 through 2.2.6) is vulnerable to cross-site scripting.
network
low complexity
ibm CWE-79
5.4
2018-07-20 CVE-2018-1470 Information Exposure vulnerability in IBM Sterling File Gateway
IBM Sterling File Gateway 2.2.0 through 2.2.6 could allow a remote authenticated attacker to obtain sensitive information displayed in the URL that could lead to further attacks against the system.
network
low complexity
ibm CWE-200
4.3
2018-07-20 CVE-2018-1398 Information Exposure vulnerability in IBM Sterling File Gateway
IBM Sterling File Gateway 2.2.0 through 2.2.6 could allow a remote attacker to download certain files that could contain sensitive information.
network
low complexity
ibm CWE-200
5.3
2018-07-20 CVE-2017-1575 Use of a Broken or Risky Cryptographic Algorithm vulnerability in IBM Sterling File Gateway
IBM Sterling B2B Integrator Standard Edition (IBM Sterling File Gateway 2.2.0 through 2.2.6) uses weaker than expected cryptographic algorithms that could allow a local attacker to decrypt highly sensitive information.
local
low complexity
ibm CWE-327
5.5
2018-07-20 CVE-2017-1544 Information Exposure vulnerability in IBM Sterling File Gateway
IBM Sterling B2B Integrator Standard Edition (IBM Sterling File Gateway 2.2.0 through 2.2.6) caches usernames and passwords in browsers that could be used by a local attacker to obtain sensitive information.
local
low complexity
ibm CWE-200
7.8