CVE-2017-1497 — Sensitive Information Exposure in IBM Sterling File Gateway

CWE-200 — Sensitive Information Exposure3 documents3 sources

Severity

3.7LOWNVD

EPSS

0.2%

top 59.63%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

IBM Sterling File Gateway

Timeline

PublishedDec 7

Latest updateMay 17

Description

IBM Sterling File Gateway 2.2 could allow an unauthorized user to view files they should not have access to providing they know the directory location of the file. IBM X-Force ID: 128695.

CVSS vector

CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:NExploitability: 2.2 | Impact: 1.4

Affected Packages2 packages

▶CVEListV5ibm/sterling_file_gateway2.2

▶NVDibm/sterling_file_gateway2.2

🔴Vulnerability Details

GHSA

GHSA-hqmc-6pq9-9x66: IBM Sterling File Gateway 2↗2022-05-17

▶

CVEList

CVE-2017-1497: IBM Sterling File Gateway 2↗2017-12-07

▶