cpe:/a:ibm:sterling_file_gateway:2.2.0.0 cpe:/a:ibm:sterling_file_gateway:5.2.1.0 cpe:/a:ibm:sterling_file_gateway:5.2.2.0 cpe:/a:ibm:sterling_file_gateway:5.2.4.0 cpe:/a:ibm:sterling_file_gateway:5.2.4.1 cpe:/a:ibm:sterling_file_gateway:5.2.4.2 cpe:/a:ibm:sterling_file_gateway:5.2.5.0 cpe:/a:ibm:sterling_file_gateway:5.2.6.0 cpe:/a:ibm:sterling_file_gateway:5.2.6.1 cpe:/a:ibm:sterling_file_gateway:5.2.6.2 cpe:/a:ibm:sterling_file_gateway:5.2.6.3 cpe:/a:ibm:sterling_file_gateway:5.2.6.4 cpe:/a:ibm:sterling_file_gateway:5.2.6.5 cpe:/a:ibm:sterling_file_gateway:6.0.0.0 cpe:/a:ibm:sterling_file_gateway:6.0.0.1 cpe:/a:ibm:sterling_file_gateway:6.0.0.2 cpe:/a:ibm:sterling_file_gateway:6.0.1.0 CVE-2019-4423 2019-09-30T12:15:11.993-04:00 2019-10-09T19:50:30.917-04:00 5.0 NETWORK LOW NONE PARTIAL NONE NONE http://nvd.nist.gov CONFIRM https://www.ibm.com/support/pages/node/957207 XF ibm-sterling-cve20194423-info-disc (162769) IBM Sterling File Gateway 2.2.0.0 through 6.0.1.0 could allow a remote attacker to traverse directories on the system. An attacker could send a specially-crafted URL request containing "dot dot" sequences (/../) to view arbitrary files on the system. IBM X-Force ID: 162769.