NotCVE - vendor:"Ibm" product:"Sterling File Gateway" version:" >= 2.2.0.0 <= 6.1.0.3"

Page 4 of 35 results (0.004 seconds)

CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0

CVE-2017-1575

https://notcve.org/view.php?id=CVE-2017-1575

20 Jul 2018 — IBM Sterling B2B Integrator Standard Edition (IBM Sterling File Gateway 2.2.0 through 2.2.6) uses weaker than expected cryptographic algorithms that could allow a local attacker to decrypt highly sensitive information. IBM X-Force ID: 132032. IBM Sterling B2B Integrator Standard Edition (IBM Sterling File Gateway desde la versión 2.2.0 hasta la 2.2.6) emplea algoritmos criptográficos más débiles de lo esperado que podrían permitir que un atacante local descifre información altamente sensible. IBM X-Force ID... • http://www.ibm.com/support/docview.wss?uid=ibm10716997 • CWE-327: Use of a Broken or Risky Cryptographic Algorithm •

CVSS: 4.3EPSS: 0%CPEs: 1EXPL: 0

CVE-2018-1470

https://notcve.org/view.php?id=CVE-2018-1470

20 Jul 2018 — IBM Sterling File Gateway 2.2.0 through 2.2.6 could allow a remote authenticated attacker to obtain sensitive information displayed in the URL that could lead to further attacks against the system. IBM X-Force ID: 140688. IBM Sterling File Gateway, desde la versión 2.2.0 hasta la 2.2.6 podría permitir que un atacante autenticado remoto obtenga información sensible mostrada en la URL que podría conducir a más ataques contra el sistema. IBM X-Force ID: 140688. • http://www.ibm.com/support/docview.wss?uid=ibm10716997 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •

CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0

CVE-2017-1544

https://notcve.org/view.php?id=CVE-2017-1544

20 Jul 2018 — IBM Sterling B2B Integrator Standard Edition (IBM Sterling File Gateway 2.2.0 through 2.2.6) caches usernames and passwords in browsers that could be used by a local attacker to obtain sensitive information. IBM X-Force ID: 130812. IBM Sterling B2B Integrator Standard Edition (IBM Sterling File Gateway desde la versión 2.2.0 hasta la 2.2.6) cachea los nombres de usuario y las contraseñas en navegadores que podrían ser empleados por un atacante local para obtener información sensible. IBM X-Force ID: 130812. • http://www.ibm.com/support/docview.wss?uid=ibm10716997 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •

CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 0

CVE-2018-1398

https://notcve.org/view.php?id=CVE-2018-1398

20 Jul 2018 — IBM Sterling File Gateway 2.2.0 through 2.2.6 could allow a remote attacker to download certain files that could contain sensitive information. IBM X-Force ID: 138434. IBM Sterling File Gateway desde la versión 2.2.0 hasta la 2.2.6 podría permitir que un atacante remoto descargue ciertos archivos que podrían contener información sensible. IBM X-Force ID: 138434. • http://www.ibm.com/support/docview.wss?uid=ibm10717025 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •

CVSS: 5.4EPSS: 2%CPEs: 2EXPL: 2

CVE-2018-1563 – IBM Sterling B2B Integrator 5.2.0.1/5.2.6.3 - Cross-Site Scripting

https://notcve.org/view.php?id=CVE-2018-1563

20 Jul 2018 — IBM Sterling B2B Integrator Standard Edition (IBM Sterling File Gateway 2.2.0 through 2.2.6) is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 142967. IBM Sterling B2B Integrator Standard Edition (IBM Sterling File Gateway desde la versión 2.2.0 hasta la 2.2.6) es vulnerable a Cross-Site Scripting (XSS). Esta vu... • https://packetstorm.news/files/id/148882 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

1 2 3 4