CVE-2021-20563

Name of the Vulnerable Software and Affected Versions: IBM Sterling File Gateway versions 2.2.0.0 through 6.1.0.3

Description: The issue allows a remote authenticated user to obtain sensitive information by sending a specially crafted request, potentially disclosing a valid filepath on the server. This information could be used in further attacks against the system.

Recommendations: For IBM Sterling File Gateway versions 2.2.0.0 through 6.1.0.3, consider restricting access to sensitive filepaths on the server until a patch is available. As a temporary workaround, limit the ability of remote authenticated users to send specially crafted requests to the server. At the moment, there is no information about a newer version that contains a fix for this vulnerability.