CVE-2024-22316

Published: Jan 27, 2025Modified: Sep 29, 2025

4.3

Vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N

Exploitability: 2.8 / Impact: 1.4

Source: psirt@us.ibm.com (Secondary)

Description

IBM Sterling File Gateway 6.0.0.0 through 6.1.2.5 and 6.2.0.0 through 6.2.0.1 could allow an authenticated user to perform unauthorized actions to another user's data due to improper access controls.

Affected (2)

Products: Ibm: Sterling File Gateway

Ibm

1 product

Sterling File Gateway

Configuration A

2 vulnerable

Vulnerable Software	Affected Versions
Ibm Sterling File Gateway	From 6.0.0.0 to 6.1.2.5
Ibm Sterling File Gateway	From 6.2.0.0 to 6.2.0.1

Related CWEs

CWE-863

Incorrect Authorization

The product performs an authorization check when an actor attempts to access a resource or perform an action, but it does not correctly perform the check. This allows attackers to bypass intended access restrictions.

References (1)

https://www.ibm.com/support/pages/node/7176083

Source: psirt@us.ibm.com

Vendor Advisory

Timeline

No history available yet.