CVE-2020-4259

IBM Sterling File Gateway 2.2.0.0 through 6.0.3.1 could allow an authenticated user could manipulate cookie information and remove or add modules from the cookie to access functionality not authorized to. IBM X-Force ID: 175638.

Published: May 14, 2020
Updated: Apr 14, 2023
CVE: CVE-2020-4259
Severity: Medium
Exploit:

CVSS v3:

Severity: Medium
Score: 6.5
AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N

CVSS v2:

Severity: Low
Score: 4
AV:N/AC:L/Au:S/C:N/I:P/A:N

CWEs:

CWE-276

Affected Software
References

Software	From	Fixed in
ibm / sterling_file_gateway	2.2.0.0	2.2.6.5_1.x
ibm / sterling_file_gateway	6.0.0.0	6.0.3.1.x

https://exchange.xforce.ibmcloud.com/vulnerabilities/175638
https://www.ibm.com/support/pages/node/6208038

Vulnerability Database

289,697

CVE-2020-4259