CVE-2025-2827

Summary

IBM Sterling File Gateway

6.0.0.0 through 6.1.2.6, and 6.2.0.0 through 6.2.0.4

could disclose sensitive installation directory information to an authenticated user that could be used in further attacks against the system.

Affected Software

VendorProductVersion RangeStatus
IBMSterling File Gateway6.0.0.0 <= 6.1.2.6affected
IBMSterling File Gateway6.2.0.0 <= 6.2.0.4affected

Weaknesses

  • CWE-548: CWE-548 Exposure of Information Through Directory Listing

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References