CVE-2021-20563
First published: Wed Sep 22 2021(Updated: )
IBM Sterling File Gateway could allow a remote authenciated user to obtain sensitive information. By sending a specially crafted request, the user could disclose a valid filepath on the server which could be used in further attacks against the system.
IBM Sterling File Gateway 2.2.0.0 through 6.1.0.3 could allow a remote authenciated user to obtain sensitive information. By sending a specially crafted request, the user could disclose a valid filepath on the server which could be used in further attacks against the system. IBM X-Force ID: 199234.
Credit: psirt@us.ibm.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| IBM Sterling File Gateway | <=2.2.0.0 - 6.1.0.3 | |
| IBM Sterling File Gateway | >=2.2.0.0<=6.1.0.3 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the vulnerability ID for the IBM Sterling File Gateway vulnerability?
The vulnerability ID for the IBM Sterling File Gateway vulnerability is CVE-2021-20563.
What is the severity of CVE-2021-20563?
The severity of CVE-2021-20563 is medium.
How can a remote authenticated user exploit CVE-2021-20563?
A remote authenticated user can exploit CVE-2021-20563 by sending a specially crafted request to obtain sensitive information and disclose a valid filepath on the server.
What version of IBM Sterling File Gateway is affected by CVE-2021-20563?
IBM Sterling File Gateway versions 2.2.0.0 through 6.1.0.3 are affected by CVE-2021-20563.
What is the IBM X-Force ID for CVE-2021-20563?
The IBM X-Force ID for CVE-2021-20563 is 199234.
- collector/ibm-support
- collector/nvd-index
- vendor/ibm
- product/sterling file gateway
- canonical/ibm sterling file gateway