Vulnerabilities > IBM > Sterling File Gateway > 6.0.3.2
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2021-09-23 | CVE-2021-20484 | Cross-site Scripting vulnerability in IBM Sterling File Gateway IBM Sterling File Gateway 2.2.0.0 through 6.1.0.3 is vulnerable to cross-site scripting. | 5.4 |
2021-09-23 | CVE-2021-20485 | Information Exposure Through an Error Message vulnerability in IBM Sterling File Gateway IBM Sterling File Gateway 2.2.0.0 through 6.1.0.3 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. | 4.3 |
2021-09-23 | CVE-2021-20563 | Unspecified vulnerability in IBM Sterling File Gateway IBM Sterling File Gateway 2.2.0.0 through 6.1.0.3 could allow a remote authenciated user to obtain sensitive information. | 4.3 |
2020-12-16 | CVE-2020-4658 | Cross-site Scripting vulnerability in IBM Sterling File Gateway IBM Sterling File Gateway 2.2.0.0 through 6.0.3.2 is vulnerable to cross-site scripting. | 6.1 |
2020-11-16 | CVE-2020-4763 | Unspecified vulnerability in IBM Sterling File Gateway IBM Sterling File Gateway 6.0.0.0 through 6.0.3.2 and 2.2.0.0 through 2.2.6.5 does not set the secure attribute on authorization tokens or session cookies. | 4.3 |
2020-11-16 | CVE-2020-4665 | Unspecified vulnerability in IBM Sterling File Gateway IBM Sterling File Gateway 2.2.0.0 through 2.2.6.5 and 6.0.0.0 through 6.0.3.2 does not set the secure attribute on authorization tokens or session cookies. | 4.3 |
2020-11-16 | CVE-2020-4647 | SQL Injection vulnerability in IBM Sterling File Gateway IBM Sterling File Gateway 2.2.0.0 through 2.2.6.5 and 6.0.0.0 through 6.0.3.2 is vulnerable to SQL injection. | 8.8 |
2020-11-16 | CVE-2020-4476 | Unspecified vulnerability in IBM Sterling File Gateway IBM Sterling File Gateway 2.2.0.0 through 2.2.6.5 and 6.0.0.0 through 6.0.3.2 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. | 7.5 |