CVE-2023-47159

Summary

IBM Sterling File Gateway 6.0.0.0 through 6.1.2.5 and 6.2.0.0 through 6.2.0.1 could allow an authenticated user to enumerate usernames due to an observable discrepancy in request responses.

Affected Software

VendorProductVersion RangeStatus
IBMSterling File Gateway6.0.0.0 <= 6.1.2.5affected
IBMSterling File Gateway6.2.0.0 <= 6.2.0.1affected

Weaknesses

  • CWE-204: CWE-204 Response Discrepancy Information Exposure

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References