Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
sterling secure proxy vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2023-46179
IBM Sterling Secure Proxy 6.0.3 and 6.1.0 does not set the secure attribute on authorization tokens or session cookies. Attackers may be able to get the cookie values by sending a http:// link to a user or by planting this link in a site the user goes to. The cookie will be sent ...
Ibm Sterling Secure Proxy 6.0.3
Ibm Sterling Secure Proxy 6.1.0
409
VMScore
CVE-2016-6025
The Configuration Manager in IBM Sterling Secure Proxy (SSP) 3.4.2 prior to 3.4.2.0 iFix 8 and 3.4.3 prior to 3.4.3.0 iFix 1 allows remote malicious users to obtain access by leveraging an unattended workstation to conduct a post-logoff session-reuse attack involving a modified U...
Ibm Sterling Secure Proxy 3.4.2.0
Ibm Sterling Secure Proxy 3.4.3.0
516
VMScore
CVE-2016-6027
The Configuration Manager in IBM Sterling Secure Proxy (SSP) 3.4.2 prior to 3.4.2.0 iFix 8 and 3.4.3 prior to 3.4.3.0 iFix 1 does not enable the HSTS protection mechanism, which makes it easier for remote malicious users to obtain sensitive information or modify data by leveragin...
Ibm Sterling Secure Proxy 3.4.3.0
Ibm Sterling Secure Proxy 3.4.2.0
570
VMScore
CVE-2020-4462
IBM Sterling External Authentication Server 6.0.1, 6.0.0, 2.4.3.2, and 2.4.2 and IBM Sterling Secure Proxy 6.0.1, 6.0.0, 3.4.3, and 3.4.2 are vulnerable to an XML External Entity Injection (XXE) attack when processing XML data. A remote attacker could exploit this vulnerability t...
Ibm Sterling External Authentication Server 2.4.2.0
Ibm Sterling External Authentication Server 2.4.3.2
Ibm Sterling External Authentication Server 6.0.0.0
Ibm Sterling External Authentication Server 6.0.1.0
Ibm Sterling Secure Proxy 3.4.2.0
Ibm Sterling Secure Proxy 3.4.3.0
Ibm Sterling Secure Proxy 6.0.0.0
Ibm Sterling Secure Proxy 6.0.1.0
295
VMScore
CVE-2022-22333
IBM Sterling Secure Proxy 6.0.3.0, 6.0.2.0, and 3.4.3.2 and IBM Sterling External Authentication Server are vulnerable a buffer overflow, due to the Jetty based GUI in the Secure Zone not properly validating the sizes of the form content and/or HTTP headers submitted. A local att...
Ibm Sterling External Authentication Server 3.4.3.2
Ibm Sterling External Authentication Server 6.0.2.0
Ibm Sterling External Authentication Server 6.0.3.0
Ibm Sterling Secure Proxy 3.4.3.2
Ibm Sterling Secure Proxy 6.0.2
Ibm Sterling Secure Proxy 6.0.3.0
446
VMScore
CVE-2022-22336
IBM Sterling External Authentication Server and IBM Sterling Secure Proxy 6.0.3.0, 6.0.2.0, and 3.4.3.2 could allow a remote user to consume resources causing a denial of service due to a resource leak. IBM X-Force ID: 219395.
Ibm Sterling External Authentication Server 3.4.3.2
Ibm Sterling External Authentication Server 6.0.2.0
Ibm Sterling External Authentication Server 6.0.3.0
Ibm Sterling Secure Proxy 3.4.3.2
Ibm Sterling Secure Proxy 6.0.2
Ibm Sterling Secure Proxy 6.0.3.0
NA
CVE-2023-32338
IBM Sterling Secure Proxy and IBM Sterling External Authentication Server 6.0.3 and 6.1.0 stores user credentials in plain clear text which can be read by a local user with container access. IBM X-Force ID: 255585.
Ibm Sterling Secure Proxy 6.0.3
Ibm Sterling External Authentication Server 6.0.3.0
Ibm Sterling External Authentication Server 6.1.0
Ibm Sterling Secure Proxy 6.1.0
490
VMScore
CVE-2021-29749
IBM Secure External Authentication Server 6.0.2 and IBM Secure Proxy 6.0.2 is vulnerable to server-side request forgery (SSRF). This may allow an authenticated malicious user to send unauthorized requests from the system, potentially leading to network enumeration or facilitating...
Ibm Secure External Authentication Server 6.0.2
Ibm Sterling Secure Proxy 6.0.2
445
VMScore
CVE-2021-29726
IBM Sterling Secure Proxy 6.0.3 and IBM Secure External Authentication Server 6.0.3 does not properly ensure that a certificate is actually associated with the host due to improper validation of certificates. IBM X-Force ID: 201104.
Ibm Sterling Secure Proxy 6.0.3
Ibm Secure External Authentication Server 6.0.3
NA
CVE-2023-29261
IBM Sterling Secure Proxy 6.0.3 and 6.1.0 could allow a local user with specific information about the system to obtain privileged information due to inadequate memory clearing during operations. IBM X-Force ID: 252139.
Ibm Sterling External Authentication Server 6.0.3.0
Ibm Sterling External Authentication Server 6.1.0
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
HTML injection
CVE-2024-35894
SQL
CVE-2024-5105
CVE-2014-100005
CVE-2024-35895
unauthorized
CVE-2024-22120
CVE-2024-35890
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
NEXT »