CVE-2018-1398: Infoleak
First published: Fri Jul 20 2018(Updated: )
IBM Sterling File Gateway 2.2.0 through 2.2.6 could allow a remote attacker to download certain files that could contain sensitive information. IBM X-Force ID: 138434.
Credit: psirt@us.ibm.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| IBM Sterling File Gateway | >=2.2.0<=2.2.6 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2018-1398?
The severity of CVE-2018-1398 is medium, with a score of 5.3.
How can a remote attacker exploit CVE-2018-1398?
A remote attacker can exploit CVE-2018-1398 by downloading certain files that may contain sensitive information.
Which versions of IBM Sterling File Gateway are affected by CVE-2018-1398?
IBM Sterling File Gateway versions 2.2.0 through 2.2.6 are affected by CVE-2018-1398.
Is there a fix available for CVE-2018-1398?
Yes, IBM has released a fix for CVE-2018-1398. It is recommended to update to a patched version of IBM Sterling File Gateway.
Where can I find more information about CVE-2018-1398?
You can find more information about CVE-2018-1398 on the following websites: [IBM Support](http://www.ibm.com/support/docview.wss?uid=ibm10717025), [SecurityFocus](http://www.securityfocus.com/bid/104919), and [IBM X-Force](https://exchange.xforce.ibmcloud.com/vulnerabilities/138434).
- collector/nvd-index
- agent/weakness
- agent/author
- agent/type
- vendor/ibm
- canonical/ibm sterling file gateway
- version/ibm sterling file gateway/2.2.0
- version/ibm sterling file gateway/2.2.6