Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
sterling secure proxy vulnerabilities and exploits
(subscribe to this query)
6.1
CVSSv3
CVE-2023-47162
IBM Sterling Secure Proxy 6.0.3 and 6.1.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X...
Ibm Sterling Secure Proxy 6.0.3
Ibm Sterling Secure Proxy 6.1.0
5.9
CVSSv3
CVE-2016-6025
The Configuration Manager in IBM Sterling Secure Proxy (SSP) 3.4.2 prior to 3.4.2.0 iFix 8 and 3.4.3 prior to 3.4.3.0 iFix 1 allows remote malicious users to obtain access by leveraging an unattended workstation to conduct a post-logoff session-reuse attack involving a modified U...
Ibm Sterling Secure Proxy 3.4.2.0
Ibm Sterling Secure Proxy 3.4.3.0
6.1
CVSSv3
CVE-2016-6027
The Configuration Manager in IBM Sterling Secure Proxy (SSP) 3.4.2 prior to 3.4.2.0 iFix 8 and 3.4.3 prior to 3.4.3.0 iFix 1 does not enable the HSTS protection mechanism, which makes it easier for remote malicious users to obtain sensitive information or modify data by leveragin...
Ibm Sterling Secure Proxy 3.4.3.0
Ibm Sterling Secure Proxy 3.4.2.0
8.2
CVSSv3
CVE-2020-4462
IBM Sterling External Authentication Server 6.0.1, 6.0.0, 2.4.3.2, and 2.4.2 and IBM Sterling Secure Proxy 6.0.1, 6.0.0, 3.4.3, and 3.4.2 are vulnerable to an XML External Entity Injection (XXE) attack when processing XML data. A remote attacker could exploit this vulnerability t...
Ibm Sterling External Authentication Server 2.4.2.0
Ibm Sterling External Authentication Server 2.4.3.2
Ibm Sterling External Authentication Server 6.0.0.0
Ibm Sterling External Authentication Server 6.0.1.0
Ibm Sterling Secure Proxy 3.4.2.0
Ibm Sterling Secure Proxy 3.4.3.0
Ibm Sterling Secure Proxy 6.0.0.0
Ibm Sterling Secure Proxy 6.0.1.0
6.5
CVSSv3
CVE-2022-22333
IBM Sterling Secure Proxy 6.0.3.0, 6.0.2.0, and 3.4.3.2 and IBM Sterling External Authentication Server are vulnerable a buffer overflow, due to the Jetty based GUI in the Secure Zone not properly validating the sizes of the form content and/or HTTP headers submitted. A local att...
Ibm Sterling External Authentication Server 3.4.3.2
Ibm Sterling External Authentication Server 6.0.2.0
Ibm Sterling External Authentication Server 6.0.3.0
Ibm Sterling Secure Proxy 3.4.3.2
Ibm Sterling Secure Proxy 6.0.2
Ibm Sterling Secure Proxy 6.0.3.0
7.5
CVSSv3
CVE-2022-22336
IBM Sterling External Authentication Server and IBM Sterling Secure Proxy 6.0.3.0, 6.0.2.0, and 3.4.3.2 could allow a remote user to consume resources causing a denial of service due to a resource leak. IBM X-Force ID: 219395.
Ibm Sterling External Authentication Server 3.4.3.2
Ibm Sterling External Authentication Server 6.0.2.0
Ibm Sterling External Authentication Server 6.0.3.0
Ibm Sterling Secure Proxy 3.4.3.2
Ibm Sterling Secure Proxy 6.0.2
Ibm Sterling Secure Proxy 6.0.3.0
5.5
CVSSv3
CVE-2023-32338
IBM Sterling Secure Proxy and IBM Sterling External Authentication Server 6.0.3 and 6.1.0 stores user credentials in plain clear text which can be read by a local user with container access. IBM X-Force ID: 255585.
Ibm Sterling Secure Proxy 6.0.3
Ibm Sterling External Authentication Server 6.0.3.0
Ibm Sterling External Authentication Server 6.1.0
Ibm Sterling Secure Proxy 6.1.0
5.3
CVSSv3
CVE-2021-29726
IBM Sterling Secure Proxy 6.0.3 and IBM Secure External Authentication Server 6.0.3 does not properly ensure that a certificate is actually associated with the host due to improper validation of certificates. IBM X-Force ID: 201104.
Ibm Sterling Secure Proxy 6.0.3
Ibm Secure External Authentication Server 6.0.3
5.4
CVSSv3
CVE-2021-29749
IBM Secure External Authentication Server 6.0.2 and IBM Secure Proxy 6.0.2 is vulnerable to server-side request forgery (SSRF). This may allow an authenticated malicious user to send unauthorized requests from the system, potentially leading to network enumeration or facilitating...
Ibm Secure External Authentication Server 6.0.2
Ibm Sterling Secure Proxy 6.0.2
5.5
CVSSv3
CVE-2023-29261
IBM Sterling Secure Proxy 6.0.3 and 6.1.0 could allow a local user with specific information about the system to obtain privileged information due to inadequate memory clearing during operations. IBM X-Force ID: 252139.
Ibm Sterling External Authentication Server 6.0.3.0
Ibm Sterling External Authentication Server 6.1.0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4654
CVE-2023-49606
encryption
NULL pointer dereference
CVE-2024-4439
CVE-2024-4649
race condition
CVE-2024-27202
CVE-2024-34566
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
NEXT »