CVE-2021-20473
published 2021-10-07CVE-2021-20473: IBM Sterling File Gateway User Interface 2.2.0.0 through 6.1.1.0 does not invalidate session after logout which could allow an authenticated user to…
medium6.5CVSS 3.1
AVNACLPRLUINSUCNIHAN
IBM Sterling File Gateway User Interface 2.2.0.0 through 6.1.1.0 does not invalidate session after logout which could allow an authenticated user to impersonate another user on the system. IBM X-Force ID: 196944.
Affected
9 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| ibm | sterling_file_gateway | — | — |
| ibm | sterling_file_gateway | — | — |
| ibm | sterling_file_gateway | — | — |
| ibm | sterling_file_gateway | — | — |
| ibm | sterling_file_gateway | — | — |
| ibm | sterling_file_gateway | — | — |
| ibm | sterling_file_gateway | 2.2.0.0 – 5.2.6.5_3 | — |
| ibm | sterling_file_gateway | 6.0.0.0 – 6.0.3.4 | — |
| ibm | sterling_file_gateway | 6.1.0.0 – 6.1.0.1 | — |