What the vulnerability does
01Description
IBM Sterling File Gateway 6.0.0.0 through 6.1.2.5 and 6.2.0.0 through 6.2.0.1 could allow an authenticated user to perform unauthorized actions to another user's data due to improper access controls.
CVE-2024-22316
MEDIUM
CVE-2024-22316: IBM Sterling File Gateway improper access control
CVSS base score
4.3/10
CVSS vector
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
Key dates
02Disclosure timeline
January 27, 2025
CVE published
September 29, 2025
Record updated
External resources
03References
Related vulnerabilities
04Related CVE
CVE-2024-27915 Sulu grants access to pages regardless of role permissions
CVE-2021-21013 Magento Commerce Insecure Direct Object Reference Could Lead To Information Disclosure
CVE-2026-35491 Pi-hole FTL: CLI API sessions can import Teleporter archives and modify configuration
CVE-2022-23627 Inadequate access verification when using proxy commands in ArchiSteamFarm
CVE-2026-28229 Argo Workflows has unauthorized access to Argo Workflows Template
