|
197241
|
6.1 |
MEDIUM
Network
|
ibm
|
sterling_b2b_integrator
|
IBM Sterling File Gateway 2.2.0.0 through 6.1.1.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended fu…
|
CWE-79
Cross-site Scripting
|
CVE-2021-20561
|
2024-11-21 14:46 |
2021-10-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
197242
|
4.3 |
MEDIUM
Network
|
ibm
|
sterling_file_gateway
|
IBM Sterling File Gateway 6.0.0.0 through 6.1.1.0 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This information co…
|
CWE-209
Information Exposure Through an Error Message
|
CVE-2021-20552
|
2024-11-21 14:46 |
2021-10-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
197243
|
8.8 |
HIGH
Network
|
ibm
|
sterling_file_gateway
|
IBM Sterling File Gateway 2.2.0.0 through 6.1.1.0 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that …
|
CWE-352
Origin Validation Error
|
CVE-2021-20489
|
2024-11-21 14:46 |
2021-10-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
197244
|
6.1 |
MEDIUM
Network
|
ibm
|
sterling_file_gateway
|
IBM Sterling File Gateway 2.2.0.0 through 6.1.1.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended fu…
|
CWE-79
Cross-site Scripting
|
CVE-2021-20481
|
2024-11-21 14:46 |
2021-10-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
197245
|
6.5 |
MEDIUM
Network
|
ibm
|
sterling_file_gateway
|
IBM Sterling File Gateway User Interface 2.2.0.0 through 6.1.1.0 does not invalidate session after logout which could allow an authenticated user to impersonate another user on the system. IBM X-Forc…
|
CWE-613
Insufficient Session Expiration
|
CVE-2021-20473
|
2024-11-21 14:46 |
2021-10-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
197246
|
4.3 |
MEDIUM
Network
|
ibm
|
sterling_b2b_integrator
|
IBM Sterling File Gateway 2.2.0.0 through 6.1.1.0 could allow an authenticated attacker to enumerate usernames due to there being an observable discrepancy in returned messages. IBM X-Force ID: 19556…
|
CWE-203
Information Exposure Through Discrepancy
|
CVE-2021-20376
|
2024-11-21 14:46 |
2021-10-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
197247
|
6.5 |
MEDIUM
Network
|
ibm
|
sterling_b2b_integrator
|
IBM Sterling File Gateway 2.2.0.0 through 6.1.1.0 could allow an authenticated user to intercept and replace a message sent by another user due to improper access controls. IBM X-Force ID: 195567.
|
NVD-CWE-Other
|
CVE-2021-20375
|
2024-11-21 14:46 |
2021-10-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
197248
|
4.3 |
MEDIUM
Network
|
ibm
|
sterling_b2b_integrator
|
IBM Sterling File Gateway 2.2.0.0 through 6.1.1.0 could allow a remote authenticated user to cause a denial of another user's service due to insufficient permission checking. IBM X-Force ID: 195518.
|
NVD-CWE-Other
|
CVE-2021-20372
|
2024-11-21 14:46 |
2021-10-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
197249
|
7.8 |
HIGH
Local
|
oracle
|
openjdk
|
An insecure modification flaw in the /etc/passwd file was found in the openjdk-1.8 and openjdk-11 containers. This flaw allows an attacker with access to the container to modify the /etc/passwd and e…
|
CWE-732
Incorrect Permission Assignment for Critical Resource
|
CVE-2021-20264
|
2024-11-21 14:46 |
2021-10-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
197250
|
9.8 |
CRITICAL
Network
|
ibm
|
cloud_pak_for_security
|
IBM Cloud Pak for Security (CP4S) 1.7.0.0, 1.7.1.0, 1.7.2.0, and 1.8.0.0 could allow an attacker to perform unauthorized actions due to improper or missing authentication controls. IBM X-Force ID: 19…
|
CWE-287
Improper Authentication
|
CVE-2021-20578
|
2024-11-21 14:46 |
2021-10-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
