CVE-2017-1497

low

Published 2017-12-07 · Modified 2026-05-13

CVSS v3

3.7

CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N

CVSS v2

4.3

VIR risk

3.7

Description

IBM Sterling File Gateway 2.2 could allow an unauthorized user to view files they should not have access to providing they know the directory location of the file. IBM X-Force ID: 128695.

Predictions

Exploit likelihood

47%

Patch ETA

—

Heuristic predictions, AS-IS, for prioritization only.

Mitigations

vendor Authored 2026-05-27

Vendor advisory: psirt@us.ibm.com — https://exchange.xforce.ibmcloud.com/vulnerabilities/128695

vendor Authored 2026-05-27

Vendor advisory: psirt@us.ibm.com — http://www.ibm.com/support/docview.wss?uid=swg22010738

Application impact

Vendor	Product	Versions	Fixed
ibm	sterling_file_gateway	`2.2`

References

http://www.ibm.com/support/docview.wss?uid=swg22010738
http://www.securityfocus.com/bid/102187
https://exchange.xforce.ibmcloud.com/vulnerabilities/128695
http://www.ibm.com/support/docview.wss?uid=swg22010738
http://www.securityfocus.com/bid/102187
https://exchange.xforce.ibmcloud.com/vulnerabilities/128695

CWEs

CWE-200

Verify integrity in audit chain (admin only). AS-IS.