CVE-2024-47109

Summary

IBM Sterling File Gateway 6.0.0.0 through 6.1.2.6 and 6.2.0.0 through 6.2.0.3 UI could disclosure the installation path of the server which could aid in further attacks against the system.

Affected Software

VendorProductVersion RangeStatus
IBMSterling File Gateway6.0.0.0 <= 6.1.2.6affected
IBMSterling File Gateway6.2.0.0 <= 6.2.0.3affected

Weaknesses

  • CWE-522: CWE-522 Insufficiently Protected Credentials

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: yes
    • Technical Impact: partial

References