Improper Access Control in IBM Sterling File Gateway Affects User Data
CVE-2024-22316
4.3MEDIUM
Summary
A vulnerability exists in IBM Sterling File Gateway that allows authenticated users to execute unauthorized actions on another user's data, stemming from inadequate access control measures. This could result in unauthorized data manipulation or disclosure, potentially compromising sensitive information and violating user privacy.
Affected Version(s)
Sterling File Gateway 6.0.0.0 <= 6.1.2.5
Sterling File Gateway 6.2.0.0 <= 6.2.0.1
References
CVSS V3.1
Score:
4.3
Severity:
MEDIUM
Confidentiality:
None
Integrity:
Low
Availability:
None
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
None
Scope:
Unchanged
Timeline
Vulnerability published
Vulnerability Reserved