Vulnerability Description
IBM Sterling File Gateway 2.2.0.0 through 6.0.3.1 could allow an authenticated user could manipulate cookie information and remove or add modules from the cookie to access functionality not authorized to. IBM X-Force ID: 175638.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Ibm | Sterling File Gateway | >= 2.2.0.0, <= 2.2.6.5_1 |
| Hp | Hp-Ux | - |
| Ibm | Aix | - |
| Ibm | I | - |
| Linux | Linux Kernel | - |
| Microsoft | Windows | - |
| Oracle | Solaris | - |
Related Weaknesses (CWE)
References
- https://exchange.xforce.ibmcloud.com/vulnerabilities/175638VDB EntryVendor Advisory
- https://www.ibm.com/support/pages/node/6208038Vendor Advisory
- https://exchange.xforce.ibmcloud.com/vulnerabilities/175638VDB EntryVendor Advisory
- https://www.ibm.com/support/pages/node/6208038Vendor Advisory
FAQ
What is CVE-2020-4259?
CVE-2020-4259 is a vulnerability with a CVSS score of 6.5 (MEDIUM). IBM Sterling File Gateway 2.2.0.0 through 6.0.3.1 could allow an authenticated user could manipulate cookie information and remove or add modules from the cookie to access functionality not authorized...
How severe is CVE-2020-4259?
CVE-2020-4259 has been rated MEDIUM with a CVSS base score of 6.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2020-4259?
Check the references section above for vendor advisories and patch information. Affected products include: Ibm Sterling File Gateway, Hp Hp-Ux, Ibm Aix, Ibm I, Linux Linux Kernel.