CVE-2020-4654
First published: Thu Sep 30 2021(Updated: )
IBM Sterling File Gateway could allow an authenticated user to obtain sensitive information due to improper permission control.
Credit: psirt@us.ibm.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| IBM Sterling File Gateway | <=2.2.0.0 - 5.2.6.5_3 | |
| IBM Sterling File Gateway | <=6.0.0.0 - 6.0.3.4 | |
| IBM Sterling File Gateway | <=6.1.0.0 - 6.1.0.1 | |
| IBM Sterling File Gateway | >=2.2.0.0<5.2.6.5_4 | |
| IBM Sterling File Gateway | >=6.0.0.0<6.0.3.5 | |
| IBM Sterling File Gateway | >=6.1.0.0<6.1.0.2 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is CVE-2020-4654?
CVE-2020-4654 is a vulnerability in IBM Sterling File Gateway 2.2.0.0 through 6.1.1.0 that allows an authenticated user to obtain sensitive information due to improper permission control.
How does CVE-2020-4654 affect IBM Sterling File Gateway?
CVE-2020-4654 affects IBM Sterling File Gateway versions 2.2.0.0 through 6.1.1.0.
What is the severity of CVE-2020-4654?
CVE-2020-4654 has a severity rating of 6.5, which is considered medium.
How can I fix CVE-2020-4654?
To fix CVE-2020-4654, you should apply the relevant patches provided by IBM.
Where can I find more information about CVE-2020-4654?
You can find more information about CVE-2020-4654 on the IBM X-Force Exchange website and the IBM support pages.
- collector/ibm-support
- collector/nvd-index
- agent/references
- vendor/ibm
- canonical/ibm sterling file gateway
- version/ibm sterling file gateway/2.2.0.0 - 5.2.6.5_3
- version/ibm sterling file gateway/6.0.0.0 - 6.0.3.4
- version/ibm sterling file gateway/6.1.0.0 - 6.1.0.1
- version/ibm sterling file gateway/2.2.0.0
- version/ibm sterling file gateway/6.0.0.0
- version/ibm sterling file gateway/6.1.0.0