First published: Mon Dec 11 2017(Updated: )
IBM Sterling File Gateway 2.2 could allow a remote attacker to traverse directories on the system. An attacker could send a specially-crafted URL request containing "dot dot" sequences (/../) to view arbitrary files on the system. IBM X-Force ID: 131288.
Credit: psirt@us.ibm.com
Affected Software | Affected Version | How to fix |
---|---|---|
IBM Sterling File Gateway | =2.2 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2017-1548 is a vulnerability in IBM Sterling File Gateway 2.2 that allows a remote attacker to traverse directories on the system and view arbitrary files.
CVE-2017-1548 has a severity score of 5.3, which is classified as medium.
CVE-2017-1548 affects IBM Sterling File Gateway 2.2 by allowing a remote attacker to traverse directories on the system and view arbitrary files.
To fix CVE-2017-1548, update IBM Sterling File Gateway to a version that does not have this vulnerability.
You can find more information about CVE-2017-1548 in the IBM Security Bulletin: http://www.ibm.com/support/docview.wss?uid=swg22010738