threat
engine
.sh
Back
·
··:··
Home
/
Product
/
ibm sterling file gateway
Product
ibm sterling file gateway
93 known vulnerabilities across versions
Vulnerabilities are listed by affected version. Select any CVE for the full briefing and its intelligence graph.
Sort
Newest first
Oldest first
Highest CVSS
Lowest CVSS
Min CVSS
Any
4.0+
7.0+ (High)
9.0+ (Critical)
Published since
Reset
CVE-2026-1264
>= 6.1.0.0 and < 6.1.2.8
IBM Sterling B2B Integrator and IBM Sterling File Gateway 6.1.0.0 through 6.1.2.7_2, 6.2.0.0 through 6.2.0.5_1, 6.2.1.0 through
7.1
HIGH
CVE-2025-14031
>= 6.1.0.0 and < 6.1.2.8
IBM Sterling B2B Integrator and IBM Sterling File Gateway 6.1.0.0 through 6.1.2.7_2, 6.2.0.0 through 6.2.0.5_1, 6.2.1.0 thro
7.5
HIGH
CVE-2026-0835
>= 6.1.0.0 and < 6.1.2.8
IBM Sterling B2B Integrator and IBM Sterling File Gateway 6.1.0.0 through 6.1.2.7_2, 6.2.0.0 through 6.2.0.5_1, 6.2.1.0 through
5.4
MEDIUM
CVE-2025-36368
>= 6.1.0.0 and < 6.1.2.8
IBM Sterling B2B Integrator and IBM Sterling File Gateway 6.1.0.0 through 6.1.2.7_2, 6.2.0.0 through 6.2.0.5_1, and 6.2.1.0 throug
6.5
MEDIUM
CVE-2025-14504
>= 6.1.0.0 and < 6.1.2.8
IBM Sterling B2B Integrator and IBM Sterling File Gateway 6.1.0.0 through 6.1.2.7_2, 6.2.0.0 through 6.2.0.5_1, 6.2.1.0 through 6.
5.4
MEDIUM
CVE-2025-14483
>= 6.1.0.0 and < 6.1.2.8
IBM Sterling B2B Integrator and IBM Sterling File Gateway 6.1.0.0 through 6.1.2.7_2, 6.2.0.0 through 6.2.0.5_1, 6.2.1.0 through
4.3
MEDIUM
CVE-2023-40693
>= 6.1.0.0 and < 6.1.2.8
IBM Sterling B2B Integrator and IBM Sterling File Gateway 6.1.0.0 through 6.1.2.7_2, and 6.2.0.0 through 6.2.0.5_1, 6.2.1.0 thro
5.4
MEDIUM
CVE-2025-36348
>= 6.1.0.0 and < 6.1.2.8
IBM Sterling B2B Integrator versions 6.1.0.0 through 6.1.2.7_2, 6.2.0.0 through 6.2.0.5, and 6.2.1.0 through 6.2.1.1, and IBM Ster
4.9
MEDIUM
CVE-2025-36134
>= 6.0.0.0 and < 6.1.2.7_2
IBM Sterling B2B Integrator and IBM Sterling File Gateway 6.0.0.0 through 6.1.2.7 and 6.2.0.0 through 6.2.0.5 and 6.2.1.1 could d
3.7
LOW
CVE-2025-36112
>= 6.0.0.0 and < 6.1.2.7_2
IBM Sterling B2B Integrator and IBM Sterling File Gateway 6.0.0.0 through 6.1.2.7 and 6.2.0.0 through 6.2.0.5 and 6.2.1.1 could r
5.3
MEDIUM
CVE-2025-36135
>= 6.0.0.0 and <= 6.1.2.7_1
IBM Sterling B2B Integrator 6.0.0.0 through 6.1.2.7_1, 6.2.0.0 through 6.2.0.5, and 6.2.1.0 and IBM Sterling File Gateway 6.0.0.0
5.4
MEDIUM
CVE-2025-36002
>= 6.2.0.0 and < 6.2.0.5_1
IBM Sterling B2B Integrator 6.2.0.0 through 6.2.0.5, and 6.2.1.0 and IBM Sterling File Gateway 6.2.0.0 through 6.2.0.5, and 6.2.1.
5.5
MEDIUM
CVE-2025-2694
>= 6.0.0.0 and < 6.1.2.7_2
IBM Sterling B2B Integrator 6.0.0.0 through 6.1.2.7_1 and 6.2.0.0 through 6.2.0.4 and IBM Sterling File Gateway 6.0.0.0 through 6.
4.8
MEDIUM
CVE-2025-2667
>= 6.0.0.0 and < 6.1.2.7_2
IBM Sterling B2B Integrator 6.0.0.0 through 6.1.2.7_1 and 6.2.0.0 through 6.2.0.4 and IBM Sterling File Gateway 6.0.0.0 through 6.
2.7
LOW
CVE-2025-2988
>= 6.0.0.0 and < 6.1.2.7_1
IBM Sterling B2B Integrator and IBM Sterling File Gateway 6.0.0.0 through 6.1.2.7, 6.2.0.0 through 6.2.0.4, and 6.2.1.0 could disc
2.7
LOW
CVE-2025-33008
all versions
IBM Sterling B2B Integrator 6.2.1.0 and IBM Sterling File Gateway 6.2.1.0 is vulnerable to cross-site scripting. This vulnerabil
5.4
MEDIUM
CVE-2025-33014
>= 6.0.0.0 and < 6.1.2.7_1
IBM Sterling B2B Integrator and IBM Sterling File Gateway 6.0.0.0 through 6.1.2.7 and 6.2.0.0 through 6.2.0.4 uses a web link wit
5.4
MEDIUM
CVE-2025-3630
>= 6.0.0.0 and < 6.1.2.7_1
IBM Sterling B2B Integrator 6.0.0.0 through 6.1.2.6, 6.2.0.0 through 6.2.0.4, IBM Sterling File Gateway 6.0.0.0 through 6.1.2.6,
6.4
MEDIUM
CVE-2025-2827
>= 6.0.0.0 and < 6.1.2.7_1
IBM Sterling File Gateway 6.0.0.0 through 6.1.2.6, and 6.2.0.0 through 6.2.0.4 could disclose sensitive installation direct
4.3
MEDIUM
CVE-2025-2793
>= 6.0.0.0 and < 6.1.2.7_1
IBM Sterling B2B Integrator 6.0.0.0 through 6.1.2.6, 6.2.0.0 through 6.2.0.4, IBM Sterling File Gateway 6.0.0.0 through 6.1.2.6,
5.4
MEDIUM
CVE-2025-1349
>= 6.0.0.0 and < 6.1.2.7
IBM Sterling B2B Integrator and IBM Sterling File Gateway 6.0.0.0 through 6.1.2.6 and 6.2.0.0 through 6.2.0.4 is vulnerable to s
5.5
MEDIUM
CVE-2025-1348
>= 6.0.0.0 and < 6.1.2.7
IBM Sterling B2B Integrator and IBM Sterling File Gateway 6.0.0.0 through 6.1.2.6 and 6.2.0.0 through 6.2.0.4 could allow a local
4.0
MEDIUM
CVE-2024-54172
>= 6.0.0.0 and < 6.1.2.7
IBM Sterling B2B Integrator and IBM Sterling File Gateway 6.0.0.0 through 6.1.2.6 and 6.2.0.0 through 6.2.0.4 is vulnerable to cro
4.3
MEDIUM
CVE-2024-54183
>= 6.0.0.0 and < 6.1.2.7
IBM Sterling B2B Integrator and IBM Sterling File Gateway 6.0.0.0 through 6.1.2.6 and 6.2.0.0 through 6.2.0.4 is vulnerable to cro
5.4
MEDIUM
CVE-2024-47109
>= 6.0.0.0 and < 6.1.2.7
IBM Sterling File Gateway 6.0.0.0 through 6.1.2.6 and 6.2.0.0 through 6.2.0.3 UI could disclosure the installation path of the ser
5.3
MEDIUM
CVE-2024-22316
>= 6.0.0.0 and <= 6.1.2.5
IBM Sterling File Gateway 6.0.0.0 through 6.1.2.5 and 6.2.0.0 through 6.2.0.1 could allow an authenticated user to perform unautho
4.3
MEDIUM
CVE-2023-52292
>= 6.0.0.0 and <= 6.1.2.5
IBM Sterling File Gateway 6.0.0.0 through 6.1.2.5 and 6.2.0.0 through 6.2.0.3 is vulnerable to stored cross-site scripting. This v
6.4
MEDIUM
CVE-2023-47159
>= 6.0.0.0 and <= 6.1.2.5
IBM Sterling File Gateway 6.0.0.0 through 6.1.2.5 and 6.2.0.0 through 6.2.0.1 could allow an authenticated user to enumerate usern
4.3
MEDIUM
CVE-2023-47714
>= 6.0.0.0 and <= 6.0.3.9
IBM Sterling File Gateway 6.0.0.0 through 6.0.3.9, 6.1.0.0 through 6.1.2.3, and 6.2.0.0 is vulnerable to cross-site scripting. Thi
4.8
MEDIUM
CVE-2021-39086
>= 6.0.0.0 and < 6.0.3.6
IBM Sterling File Gateway 6.0.0.0 through 6.0.3.5, 6.1.0.0 through 6.1.0.4, and 6.1.1.0 through 6.1.1.1 could allow a remote attac
5.3
MEDIUM
CVE-2020-4654
>= 2.2.0.0 and < 5.2.6.5_4
IBM Sterling File Gateway 2.2.0.0 through 6.1.1.0 could allow an authenticated user to obtain sensitive information due to imprope
6.5
MEDIUM
CVE-2021-20552
>= 6.0.1.0 and <= 6.1.0.2
IBM Sterling File Gateway 6.0.0.0 through 6.1.1.0 could allow a remote attacker to obtain sensitive information when a detailed te
4.3
MEDIUM
CVE-2021-20489
>= 2.2.0.0 and <= 5.2.6.5_3
IBM Sterling File Gateway 2.2.0.0 through 6.1.1.0 is vulnerable to cross-site request forgery which could allow an attacker to exe
8.8
HIGH
CVE-2021-20481
>= 2.2.0.0 and <= 5.2.6.5_3
IBM Sterling File Gateway 2.2.0.0 through 6.1.1.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed
6.1
MEDIUM
CVE-2021-20473
>= 2.2.0.0 and <= 5.2.6.5_3
IBM Sterling File Gateway User Interface 2.2.0.0 through 6.1.1.0 does not invalidate session after logout which could allow an aut
6.5
MEDIUM
CVE-2021-20563
>= 2.2.0.0 and <= 6.1.0.3
IBM Sterling File Gateway 2.2.0.0 through 6.1.0.3 could allow a remote authenciated user to obtain sensitive information. By sendi
4.3
MEDIUM
CVE-2021-20485
>= 2.2.0.0 and <= 6.1.0.3
IBM Sterling File Gateway 2.2.0.0 through 6.1.0.3 could allow a remote attacker to obtain sensitive information when a detailed te
4.3
MEDIUM
CVE-2021-20484
>= 2.2.0.0 and <= 6.1.0.3
IBM Sterling File Gateway 2.2.0.0 through 6.1.0.3 is vulnerable to cross-site scripting. This vulnerability allows users to embed
5.4
MEDIUM
CVE-2020-4658
>= 2.2.0.0 and <= 6.0.3.2
IBM Sterling File Gateway 2.2.0.0 through 6.0.3.2 is vulnerable to cross-site scripting. This vulnerability allows users to embed
6.1
MEDIUM
CVE-2020-4763
>= 2.2.0.0 and <= 2.2.6.5
IBM Sterling File Gateway 6.0.0.0 through 6.0.3.2 and 2.2.0.0 through 2.2.6.5 does not set the secure attribute on authorization t
4.3
MEDIUM
CVE-2020-4665
>= 2.2.0.0 and <= 2.2.6.5
IBM Sterling File Gateway 2.2.0.0 through 2.2.6.5 and 6.0.0.0 through 6.0.3.2 does not set the secure attribute on authorization t
4.3
MEDIUM
CVE-2020-4647
>= 2.2.0.0 and <= 2.2.6.5
IBM Sterling File Gateway 2.2.0.0 through 2.2.6.5 and 6.0.0.0 through 6.0.3.2 is vulnerable to SQL injection. A remote attacker co
8.8
HIGH
CVE-2020-4476
>= 2.2.0.0 and <= 2.2.6.5
IBM Sterling File Gateway 2.2.0.0 through 2.2.6.5 and 6.0.0.0 through 6.0.3.2 could allow a remote attacker to obtain sensitive in
7.5
HIGH
CVE-2020-4564
>= 2.2.0.0 and <= 6.0.3.1
IBM Sterling B2B Integrator Standard Edition 5.2.0.0 through 6.0.3.1 and IBM Sterling File Gateway 2.2.0.0 through 6.0.3.1 are vul
5.4
MEDIUM
CVE-2020-4299
>= 5.2.0.0 and <= 5.2.6.5_1
IBM Sterling B2B Integrator Standard Edition 5.2.0.0 through 6.0.3.1 could expose sensitive information to a user through a specia
4.3
MEDIUM
CVE-2020-4259
>= 2.2.0.0 and <= 2.2.6.5_1
IBM Sterling File Gateway 2.2.0.0 through 6.0.3.1 could allow an authenticated user could manipulate cookie information and remove
6.5
MEDIUM
CVE-2019-4423
>= 2.2.0.0 and <= 6.0.1.0
IBM Sterling File Gateway 2.2.0.0 through 6.0.1.0 could allow a remote attacker to traverse directories on the system. An attacker
5.3
MEDIUM
CVE-2019-4280
>= 2.2.0.0 and <= 6.0.1.0
IBM Sterling File Gateway 2.2.0.0 through 6.0.1.0 displays sensitive information in HTTP requests which could be used in further a
5.3
MEDIUM
CVE-2019-4147
>= 2.2 and <= 6.0.1.0
IBM Sterling File Gateway 2.2.0.0 through 6.0.1.0 is vulnerable to SQL injection. A remote attacker could send specially-crafted S
7.2
HIGH
CVE-2018-1563
>= 2.2.0 and <= 2.2.6
IBM Sterling B2B Integrator Standard Edition (IBM Sterling File Gateway 2.2.0 through 2.2.6) is vulnerable to cross-site scripting
5.4
MEDIUM
CVE-2018-1470
>= 2.2.0 and <= 2.2.6
IBM Sterling File Gateway 2.2.0 through 2.2.6 could allow a remote authenticated attacker to obtain sensitive information displaye
4.3
MEDIUM
CVE-2018-1398
>= 2.2.0 and <= 2.2.6
IBM Sterling File Gateway 2.2.0 through 2.2.6 could allow a remote attacker to download certain files that could contain sensitive
5.3
MEDIUM
CVE-2017-1575
>= 2.2.0 and <= 2.2.6
IBM Sterling B2B Integrator Standard Edition (IBM Sterling File Gateway 2.2.0 through 2.2.6) uses weaker than expected cryptograph
5.1
MEDIUM
CVE-2017-1544
>= 2.2.0 and <= 2.2.6
IBM Sterling B2B Integrator Standard Edition (IBM Sterling File Gateway 2.2.0 through 2.2.6) caches usernames and passwords in bro
2.4
LOW
CVE-2014-0927
all versions
The ActiveMQ admin user interface in IBM Sterling B2B Integrator 5.1 and 5.2 and Sterling File Gateway 2.1 and 2.2 allows remote a
8.1
HIGH
CVE-2014-0912
all versions
IBM Sterling B2B Integrator 5.1 and 5.2 and Sterling File Gateway 2.1 and 2.2 allow remote attackers to obtain sensitive product i
5.3
MEDIUM
CVE-2017-1632
all versions
IBM Sterling File Gateway 2.2 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript
5.4
MEDIUM
CVE-2017-1550
all versions
IBM Sterling File Gateway 2.2 could allow an authenticated user to change other user's passwords. IBM X-Force ID: 131290.
6.5
MEDIUM
CVE-2017-1549
all versions
IBM Sterling File Gateway 2.2 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript
5.4
MEDIUM
CVE-2017-1548
all versions
IBM Sterling File Gateway 2.2 could allow a remote attacker to traverse directories on the system. An attacker could send a specia
5.3
MEDIUM
CVE-2017-1497
all versions
IBM Sterling File Gateway 2.2 could allow an unauthorized user to view files they should not have access to providing they know th
3.7
LOW
CVE-2017-1487
all versions
IBM Sterling File Gateway 2.2 could allow an authenticated attacker to obtain sensitive information such as login ids on the syste
6.5
MEDIUM
CVE-2015-0194
all versions
XML External Entity (XXE) vulnerability in IBM Sterling B2B Integrator 5.1 and 5.2 and IBM Sterling File Gateway 2.1 and 2.2 allow
6.5
MEDIUM
CVE-2014-6199
all versions
The HTTP Server Adapter in IBM Sterling B2B Integrator 5.1 and 5.2.x and Sterling File Gateway 2.1 and 2.2 allows remote attackers
CVE-2013-5413
all versions
IBM Sterling B2B Integrator 5.2 and Sterling File Gateway 2.2 do not invalidate a session upon a logout action, which allows remot
CVE-2013-5411
all versions
IBM Sterling B2B Integrator 5.2 and Sterling File Gateway 2.2 allow remote attackers to inject links and trigger unintended naviga
CVE-2013-5409
all versions
Multiple SQL injection vulnerabilities in IBM Sterling B2B Integrator 5.2 and Sterling File Gateway 2.2 allow remote authenticated
CVE-2013-5407
all versions
IBM Sterling B2B Integrator 5.2 and Sterling File Gateway 2.2 do not properly restrict use of FRAME elements, which allows remote
CVE-2013-5406
all versions
Multiple cross-site scripting (XSS) vulnerabilities in IBM Sterling B2B Integrator 5.2 and Sterling File Gateway 2.2 allow remote
CVE-2013-5405
all versions
Multiple cross-site scripting (XSS) vulnerabilities in IBM Sterling B2B Integrator 5.2 and Sterling File Gateway 2.2 allow remote
CVE-2013-4002
all versions
XMLscanner.java in Apache Xerces2 Java Parser before 2.12.0, as used in the Java Runtime Environment (JRE) in IBM Java 5.0 before
CVE-2013-3020
all versions
IBM Sterling B2B Integrator 5.1 and 5.2 and Sterling File Gateway 2.1 and 2.2 allow remote authenticated users to obtain sensitive
CVE-2013-2987
all versions
IBM Sterling B2B Integrator 5.1 and 5.2 and Sterling File Gateway 2.1 and 2.2 allow remote authenticated users to obtain sensitive
CVE-2013-2985
all versions
IBM Sterling B2B Integrator 5.1 and 5.2 and Sterling File Gateway 2.1 and 2.2 allow remote authenticated users to obtain sensitive
CVE-2013-2984
all versions
Directory traversal vulnerability in IBM Sterling B2B Integrator 5.1 and 5.2 and Sterling File Gateway 2.1 and 2.2 allows remote a
CVE-2013-2982
all versions
IBM Sterling B2B Integrator 5.1 and 5.2 and Sterling File Gateway 2.1 and 2.2 allow remote authenticated users to upload arbitrary
CVE-2013-0568
all versions
IBM Sterling B2B Integrator 5.1 and 5.2 and Sterling File Gateway 2.1 and 2.2 allow remote authenticated users to obtain sensitive
CVE-2013-0567
all versions
IBM Sterling B2B Integrator 5.1 and 5.2 and Sterling File Gateway 2.1 and 2.2 allow remote authenticated users to obtain sensitive
CVE-2013-0560
all versions
Multiple SQL injection vulnerabilities in IBM Sterling B2B Integrator 5.1 and 5.2 and Sterling File Gateway 2.1 and 2.2 allow remo
CVE-2013-0558
all versions
IBM Sterling B2B Integrator 5.1 and 5.2 and Sterling File Gateway 2.1 and 2.2 allow remote attackers to obtain sensitive informati
CVE-2013-0539
all versions
An unspecified third-party component in IBM Sterling B2B Integrator 5.1 and 5.2 and Sterling File Gateway 2.1 and 2.2 uses short s
CVE-2013-0481
all versions
The console in IBM Sterling B2B Integrator 5.1 and 5.2 and Sterling File Gateway 2.1 and 2.2 allows remote attackers to read stack
CVE-2013-0479
all versions
IBM Sterling B2B Integrator 5.1 and 5.2 and Sterling File Gateway 2.1 and 2.2 do not properly restrict file types and extensions,
CVE-2013-0476
all versions
IBM Sterling B2B Integrator 5.1 and 5.2 and Sterling File Gateway 2.1 and 2.2 allow remote attackers to inject arbitrary FTP comma
CVE-2013-0475
all versions
IBM Sterling B2B Integrator 5.1 and 5.2 and Sterling File Gateway 2.1 and 2.2 allow remote authenticated users to obtain sensitive
CVE-2013-0468
all versions
Cross-site scripting (XSS) vulnerability in IBM Sterling B2B Integrator 5.1 and 5.2 and Sterling File Gateway 2.1 and 2.2 allows r
CVE-2013-0463
all versions
IBM Sterling B2B Integrator 5.1 and 5.2 and Sterling File Gateway 2.1 and 2.2 allow remote authenticated users to obtain sensitive
CVE-2013-0456
all versions
IBM Sterling B2B Integrator 5.1 and 5.2 and Sterling File Gateway 2.1 and 2.2 allow remote authenticated users to hijack sessions
CVE-2012-5936
all versions
IBM Sterling B2B Integrator 5.1 and 5.2 and Sterling File Gateway 2.1 and 2.2 do not set the secure flag for the session cookie in
CVE-2012-5766
all versions
Multiple SQL injection vulnerabilities in IBM Sterling B2B Integrator 5.1 and 5.2 and Sterling File Gateway 2.1 and 2.2 allow remo
CVE-2013-2983
all versions
Multiple cross-site scripting (XSS) vulnerabilities in IBM Sterling File Gateway 2.2 and Sterling B2B Integrator allow remote auth
CVE-2013-0455
all versions
Multiple cross-site scripting (XSS) vulnerabilities in IBM Sterling B2B Integrator 5.2.4 and Sterling File Gateway allow remote at
CVE-2012-5937
all versions
Unspecified vulnerability in the CLA2 server in IBM Gentran Integration Suite 4.3, Sterling Integrator 5.0 and 5.1, and Sterling B
Vulnerabilities
CISA KEV catalog
CWE weaknesses
CAPEC attack patterns
Package vulnerabilities
Threat intelligence
Threat actors
Tools & malware
ATT&CK techniques
IOCs
Detection & defense
Sigma rules
YARA rules
Atomic Red Team tests
D3FEND countermeasures
Compliance
NIST 800-53
ISO 27001:2022
SOC 2 TSC
PCI-DSS v4.0
CIS Controls v8.1
About
All capabilities
Live statistics
Data sources
Privacy policy
Terms of service
threatengine.sh · Open-source threat intelligence platform · 100+ authoritative sources · Every fact traces to its origin