Skip to main content

Sterling File Gateway CVE-2025-2827

| EUVDEUVD-2025-20513 MEDIUM
Exposure of Information Through Directory Listing (CWE-548)
2025-07-08 psirt@us.ibm.com
4.3
CVSS 3.1 · NVD
Share

Severity by source

NVD PRIMARY
4.3 MEDIUM
AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
Attack Vector
Network
Attack Complexity
Low
Privileges Required
Low
User Interaction
None
Scope
Unchanged
Confidentiality
Low
Integrity
None
Availability
None

Lifecycle Timeline

3
EUVD ID Assigned
Mar 16, 2026 - 04:21 euvd
EUVD-2025-20513
Analysis Generated
Mar 16, 2026 - 04:21 vuln.today
CVE Published
Jul 08, 2025 - 15:15 nvd
MEDIUM 4.3

DescriptionCVE.org

IBM Sterling File Gateway

6.0.0.0 through 6.1.2.6, and 6.2.0.0 through 6.2.0.4

could disclose sensitive installation directory information to an authenticated user that could be used in further attacks against the system.

AnalysisAI

CVE-2025-2827 is a security vulnerability (CVSS 4.3). Remediation should follow standard vulnerability management procedures.

Technical ContextAI

Vulnerability type not specified by vendor.

RemediationAI

Monitor vendor channels for patch availability.

CVE-2012-5937 CRITICAL
9.3 Apr 12

Unspecified vulnerability in the CLA2 server in IBM Gentran Integration Suite 4.3, Sterling Integrator 5.0 and 5.1, and

CVE-2018-1563 MEDIUM POC
5.4 Jul 20

IBM Sterling B2B Integrator Standard Edition (IBM Sterling File Gateway 2.2.0 through 2.2.6) is vulnerable to cross-site

CVE-2021-20489 HIGH
8.8 Oct 07

IBM Sterling File Gateway 2.2.0.0 through 6.1.1.0 is vulnerable to cross-site request forgery which could allow an attac

CVE-2020-4647 HIGH
8.8 Nov 16

IBM Sterling File Gateway 2.2.0.0 through 2.2.6.5 and 6.0.0.0 through 6.0.3.2 is vulnerable to SQL injection. Rated high

CVE-2013-4002 HIGH
7.1 Jul 23

XMLscanner.java in Apache Xerces2 Java Parser before 2.12.0, as used in the Java Runtime Environment (JRE) in IBM Java 5

CVE-2020-4476 HIGH
7.5 Nov 16

IBM Sterling File Gateway 2.2.0.0 through 2.2.6.5 and 6.0.0.0 through 6.0.3.2 could allow a remote attacker to obtain se

CVE-2019-4147 HIGH
7.2 Sep 16

IBM Sterling File Gateway 2.2.0.0 through 6.0.1.0 is vulnerable to SQL injection. Rated high severity (CVSS 7.2), this v

CVE-2013-2984 MEDIUM
6.5 Jul 03

Directory traversal vulnerability in IBM Sterling B2B Integrator 5.1 and 5.2 and Sterling File Gateway 2.1 and 2.2 allow

CVE-2013-2982 MEDIUM
6.5 Jul 03

IBM Sterling B2B Integrator 5.1 and 5.2 and Sterling File Gateway 2.1 and 2.2 allow remote authenticated users to upload

CVE-2013-5409 MEDIUM
6.5 Dec 21

Multiple SQL injection vulnerabilities in IBM Sterling B2B Integrator 5.2 and Sterling File Gateway 2.2 allow remote aut

CVE-2012-5766 MEDIUM
6.5 Jul 03

Multiple SQL injection vulnerabilities in IBM Sterling B2B Integrator 5.1 and 5.2 and Sterling File Gateway 2.1 and 2.2

CVE-2013-0560 MEDIUM
6.5 Jul 03

Multiple SQL injection vulnerabilities in IBM Sterling B2B Integrator 5.1 and 5.2 and Sterling File Gateway 2.1 and 2.2

Share

CVE-2025-2827 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy