CVE-2019-4423

Summary

IBM Sterling File Gateway 2.2.0.0 through 6.0.1.0 could allow a remote attacker to traverse directories on the system. An attacker could send a specially-crafted URL request containing "dot dot" sequences (/../) to view arbitrary files on the system. IBM X-Force ID: 162769.

Affected Software

VendorProductVersion RangeStatus
IBMSterling File Gateway2.2.0.0affected
IBMSterling File Gateway6.0.1.0affected

Weaknesses

  • Obtain Information

ADP Enrichment

CVE Program Container

Additional References

References