IBM Sterling B2B Integrator And Sterling File Gateway Directory Traversal Vulnerability

IBM Sterling B2B Integrator And Sterling File Gateway Directory Traversal Vulnerability

IBM Sterling B2B Integrator and Sterling File Gateway are prone to a directory-traversal vulnerability because it fails to properly sanitize user-supplied input.

Remote attackers can use specially crafted requests with directory-traversal sequences ('../') to retrieve arbitrary files in the context of the application.

Exploiting this issue may allow an attacker to obtain sensitive information that could aid in further attacks.

The following products are vulnerable:

IBM Sterling B2B Integrator 5.2 and 5.1
IBM Sterling File Gateway 2.2 and 2.1