|
195591
|
7.5 |
HIGH
Network
|
ibm
|
sterling_b2b_integrator
|
IBM Sterling File Gateway 2.2.0.0 through 6.1.1.0 could allow a remote attacker to upload arbitrary files, caused by improper access controls. IBM X-Force ID: 199397.
|
NVD-CWE-Other
|
CVE-2021-20584
|
2024-11-21 14:46 |
2021-10-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
195592
|
5.4 |
MEDIUM
Network
|
ibm
|
sterling_b2b_integrator
|
IBM Sterling B2B Integrator 5.2.0.0 through 6.1.1.0 is vulnerable to stored cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the in…
|
CWE-79
Cross-site Scripting
|
CVE-2021-20571
|
2024-11-21 14:46 |
2021-10-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
195593
|
6.1 |
MEDIUM
Network
|
ibm
|
sterling_b2b_integrator
|
IBM Sterling File Gateway 2.2.0.0 through 6.1.1.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended fu…
|
CWE-79
Cross-site Scripting
|
CVE-2021-20561
|
2024-11-21 14:46 |
2021-10-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
195594
|
4.3 |
MEDIUM
Network
|
ibm
|
sterling_file_gateway
|
IBM Sterling File Gateway 6.0.0.0 through 6.1.1.0 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This information co…
|
CWE-209
Information Exposure Through an Error Message
|
CVE-2021-20552
|
2024-11-21 14:46 |
2021-10-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
195595
|
8.8 |
HIGH
Network
|
ibm
|
sterling_file_gateway
|
IBM Sterling File Gateway 2.2.0.0 through 6.1.1.0 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that …
|
CWE-352
Origin Validation Error
|
CVE-2021-20489
|
2024-11-21 14:46 |
2021-10-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
195596
|
6.1 |
MEDIUM
Network
|
ibm
|
sterling_file_gateway
|
IBM Sterling File Gateway 2.2.0.0 through 6.1.1.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended fu…
|
CWE-79
Cross-site Scripting
|
CVE-2021-20481
|
2024-11-21 14:46 |
2021-10-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
195597
|
6.5 |
MEDIUM
Network
|
ibm
|
sterling_file_gateway
|
IBM Sterling File Gateway User Interface 2.2.0.0 through 6.1.1.0 does not invalidate session after logout which could allow an authenticated user to impersonate another user on the system. IBM X-Forc…
|
CWE-613
Insufficient Session Expiration
|
CVE-2021-20473
|
2024-11-21 14:46 |
2021-10-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
195598
|
4.3 |
MEDIUM
Network
|
ibm
|
sterling_b2b_integrator
|
IBM Sterling File Gateway 2.2.0.0 through 6.1.1.0 could allow an authenticated attacker to enumerate usernames due to there being an observable discrepancy in returned messages. IBM X-Force ID: 19556…
|
CWE-203
Information Exposure Through Discrepancy
|
CVE-2021-20376
|
2024-11-21 14:46 |
2021-10-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
195599
|
6.5 |
MEDIUM
Network
|
ibm
|
sterling_b2b_integrator
|
IBM Sterling File Gateway 2.2.0.0 through 6.1.1.0 could allow an authenticated user to intercept and replace a message sent by another user due to improper access controls. IBM X-Force ID: 195567.
|
NVD-CWE-Other
|
CVE-2021-20375
|
2024-11-21 14:46 |
2021-10-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
195600
|
4.3 |
MEDIUM
Network
|
ibm
|
sterling_b2b_integrator
|
IBM Sterling File Gateway 2.2.0.0 through 6.1.1.0 could allow a remote authenticated user to cause a denial of another user's service due to insufficient permission checking. IBM X-Force ID: 195518.
|
NVD-CWE-Other
|
CVE-2021-20372
|
2024-11-21 14:46 |
2021-10-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
