PT-2025-10600 · Ibm · Ibm Sterling File Gateway

Published

2024-09-18

Updated

2025-03-10

CVE-2024-47109

CVSS v3.1

5.3

Medium

Vector

AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

Name of the Vulnerable Software and Affected Versions IBM Sterling File Gateway versions 6.0.0.0 through 6.1.2.6 IBM Sterling File Gateway versions 6.2.0.0 through 6.2.0.3

Description The issue allows the disclosure of the installation path of the server, which could aid in further attacks against the system.

Recommendations For versions 6.0.0.0 through 6.1.2.6, update to a version that fixes this issue. For versions 6.2.0.0 through 6.2.0.3, update to a version that fixes this issue.

Fix

Insufficiently Protected Credentials

Files Accessible to External Parties

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-522CWE-552

Related Identifiers

BDU:2025-02570

CVE-2024-47109

Affected Products

Ibm Sterling File Gateway

PT-2025-10600 · Ibm · Ibm Sterling File Gateway

CVE-2024-47109

Weakness Enumeration

Related Identifiers

Affected Products

References · 8