Vulnerabilities > IBM > Sterling File Gateway > 2.2.4.1
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-11-16 | CVE-2020-4647 | SQL Injection vulnerability in IBM Sterling File Gateway IBM Sterling File Gateway 2.2.0.0 through 2.2.6.5 and 6.0.0.0 through 6.0.3.2 is vulnerable to SQL injection. | 8.8 |
| 2020-11-16 | CVE-2020-4476 | Unspecified vulnerability in IBM Sterling File Gateway IBM Sterling File Gateway 2.2.0.0 through 2.2.6.5 and 6.0.0.0 through 6.0.3.2 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. | 7.5 |
| 2020-10-20 | CVE-2020-4564 | Cross-site Scripting vulnerability in IBM Sterling B2B Integrator and Sterling File Gateway IBM Sterling B2B Integrator Standard Edition 5.2.0.0 through 6.0.3.1 and IBM Sterling File Gateway 2.2.0.0 through 6.0.3.1 are vulnerable to cross-site scripting. | 5.4 |
| 2020-05-14 | CVE-2020-4259 | Incorrect Default Permissions vulnerability in IBM Sterling File Gateway IBM Sterling File Gateway 2.2.0.0 through 6.0.3.1 could allow an authenticated user could manipulate cookie information and remove or add modules from the cookie to access functionality not authorized to. | 6.5 |
| 2019-09-30 | CVE-2019-4423 | Path Traversal vulnerability in IBM Sterling File Gateway IBM Sterling File Gateway 2.2.0.0 through 6.0.1.0 could allow a remote attacker to traverse directories on the system. | 5.3 |
| 2019-09-30 | CVE-2019-4280 | Cleartext Transmission of Sensitive Information vulnerability in IBM Sterling File Gateway IBM Sterling File Gateway 2.2.0.0 through 6.0.1.0 displays sensitive information in HTTP requests which could be used in further attacks against the system. | 5.3 |
| 2019-09-16 | CVE-2019-4147 | SQL Injection vulnerability in IBM Sterling File Gateway IBM Sterling File Gateway 2.2.0.0 through 6.0.1.0 is vulnerable to SQL injection. | 7.2 |
| 2018-07-20 | CVE-2018-1563 | Cross-site Scripting vulnerability in IBM Sterling B2B Integrator and Sterling File Gateway IBM Sterling B2B Integrator Standard Edition (IBM Sterling File Gateway 2.2.0 through 2.2.6) is vulnerable to cross-site scripting. | 5.4 |
| 2018-07-20 | CVE-2018-1470 | Information Exposure vulnerability in IBM Sterling File Gateway IBM Sterling File Gateway 2.2.0 through 2.2.6 could allow a remote authenticated attacker to obtain sensitive information displayed in the URL that could lead to further attacks against the system. | 4.3 |
| 2018-07-20 | CVE-2018-1398 | Information Exposure vulnerability in IBM Sterling File Gateway IBM Sterling File Gateway 2.2.0 through 2.2.6 could allow a remote attacker to download certain files that could contain sensitive information. | 5.3 |