Description
IBM Sterling File Gateway 2.2.0.0 through 6.1.1.0 could allow a remote attacker to upload arbitrary files, caused by improper access controls. IBM X-Force ID: 199397.
CVSS breakdown
CVSS 3.0
Attack Vector
Network
Attack Complexity
Low
Privileges Required
Low
Integrity
High
Scope
Unchanged
Confidentiality
None
Availability
None
User Interaction
None
E
Unchanged
RC
Changed
RL
O
Affected products
- ibm / sterling_file_gateway2.2.0.0 – 2.2.0.0
- ibm / sterling_file_gateway6.0.1.0 – 6.0.1.0
- ibm / sterling_file_gateway6.0.0.0 – 6.0.0.0
- ibm / sterling_file_gateway6.1.0.2 – 6.1.0.2
- ibm / sterling_file_gateway6.0.0.6 – 6.0.0.6
- ibm / sterling_file_gateway6.0.3.4 – 6.0.3.4
- ibm / sterling_file_gateway6.1.0.0 – 6.1.0.0
- ibm / sterling_file_gateway5.2.6.5_4 – 5.2.6.5_4