CVE-2018-1398Sensitive Information Exposure in IBM Sterling File Gateway

CWE-200Sensitive Information Exposure3 documents3 sources
Severity
5.3MEDIUMNVD
EPSS
0.2%
top 56.56%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
IBM Sterling File Gateway
Timeline
PublishedJul 20
Latest updateMay 13

Description

IBM Sterling File Gateway 2.2.0 through 2.2.6 could allow a remote attacker to download certain files that could contain sensitive information. IBM X-Force ID: 138434.

CVSS vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:NExploitability: 3.9 | Impact: 1.4

Affected Packages2 packages

NVDibm/sterling_file_gateway2.2.02.2.6
CVEListV5ibm/sterling_file_gateway2.2.0, 2.2.6+1

Patches

Patch: www.ibm.comPatch: www.ibm.com

🔴Vulnerability Details

2
GHSA
GHSA-w2p7-2hgm-vx69: IBM Sterling File Gateway 22022-05-13
CVEList
CVE-2018-1398: IBM Sterling File Gateway 22018-07-20
CVE-2018-1398 — Sensitive Information Exposure in IBM | cvebase