Lucene search
K

335 matches found

NVD
NVD
added 2024/03/15 3:15 p.m.18 views

CVE-2023-47162

IBM Sterling Secure Proxy 6.0.3 and 6.1.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 270973...

6.1CVSS6AI score0.00348EPSS
Exploits0References2
CVE
CVE
added 2024/03/15 3:13 p.m.53 views

CVE-2023-46181

CVE-2023-46181 affects IBM Sterling Secure Proxy versions 6.0.3 and 6.1.0. The issue allows web pages to be stored locally and read by another user on the same system (information disclosure). Remediation: upgrade to IBM Sterling Secure Proxy iFix 11 (for 6.0.3) or iFix 03 (for 6.1.0) per IBM. Ot...

4CVSS3.4AI score0.0018EPSS
Exploits0References2Affected Software1
Vulnrichment
Vulnrichment
added 2024/03/15 3:13 p.m.9 views

CVE-2023-46181 IBM Secure Proxy information disclosure

IBM Sterling Secure Proxy 6.0.3 and 6.1.0 allows web pages to be stored locally which can be read by another user on the system. IBM X-Force ID: 269686...

4CVSS5.8AI score0.0018EPSS
Exploits0References2
Cvelist
Cvelist
added 2024/03/15 3:13 p.m.15 views

CVE-2023-46181 IBM Secure Proxy information disclosure

IBM Sterling Secure Proxy 6.0.3 and 6.1.0 allows web pages to be stored locally which can be read by another user on the system. IBM X-Force ID: 269686...

4CVSS3.9AI score0.0018EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2024/03/15 3:11 p.m.11 views

CVE-2023-47699 IBM Secure Proxy cross-site scripting

IBM Sterling Secure Proxy 6.0.3 and 6.1.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 270974...

6.1CVSS6AI score0.00348EPSS
Exploits0References2
Cvelist
Cvelist
added 2024/03/15 3:11 p.m.22 views

CVE-2023-47699 IBM Secure Proxy cross-site scripting

IBM Sterling Secure Proxy 6.0.3 and 6.1.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 270974...

6.1CVSS5.9AI score0.00348EPSS
Exploits0References2
CVE
CVE
added 2024/03/15 3:11 p.m.59 views

CVE-2023-47699

CVE-2023-47699 affects IBM Sterling Secure Proxy versions 6.0.3 and 6.1.0. A cross-site scripting vulnerability in the Web UI could let an attacker embed arbitrary JavaScript, potentially leading to credential disclosure within a trusted session. The NVD/IBM entries list a base score of 6.1 (Medi...

6.1CVSS5.8AI score0.00348EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2024/03/15 3:9 p.m.52 views

CVE-2023-47147

IBM Sterling Secure Proxy versions 6.0.3 and 6.1.0 are affected by a vulnerability that could allow an attacker to overwrite a log message under specific conditions. The issue is addressed by upgrading to iFix 11 for 6.0.3 and iFix 03 for 6.1.0. Remediation details are provided in IBM’s advisorie...

5.9CVSS5.2AI score0.00415EPSS
Exploits0References2Affected Software1
Vulnrichment
Vulnrichment
added 2024/03/15 3:9 p.m.8 views

CVE-2023-47147 IBM Secure Proxy file manipulation

IBM Sterling Secure Proxy 6.0.3 and 6.1.0 could allow an attacker to overwrite a log message under specific conditions. IBM X-Force ID: 270598...

5.9CVSS6.4AI score0.00415EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2024/03/15 3:8 p.m.13 views

CVE-2023-46179 IBM Secure Proxy information disclosure

IBM Sterling Secure Proxy 6.0.3 and 6.1.0 does not set the secure attribute on authorization tokens or session cookies. Attackers may be able to get the cookie values by sending a http:// link to a user or by planting this link in a site the user goes to. The cookie will be sent to the insecure...

4.3CVSS5.9AI score0.00281EPSS
Exploits0References2
Cvelist
Cvelist
added 2024/03/15 3:8 p.m.27 views

CVE-2023-46179 IBM Secure Proxy information disclosure

IBM Sterling Secure Proxy 6.0.3 and 6.1.0 does not set the secure attribute on authorization tokens or session cookies. Attackers may be able to get the cookie values by sending a http:// link to a user or by planting this link in a site the user goes to. The cookie will be sent to the insecure...

4.3CVSS4.3AI score0.00281EPSS
Exploits0References2
CVE
CVE
added 2024/03/15 3:8 p.m.64 views

CVE-2023-46179

IBM Sterling Secure Proxy is affected on versions 6.0.3 and 6.1.0 by a vulnerability where authorization tokens or session cookies lack the secure attribute. The issue lets an attacker potentially obtain cookie values by tricking a user into visiting a http link or via a site the user visits, ena...

4.3CVSS4.1AI score0.00281EPSS
Exploits0References2Affected Software1
Vulnrichment
Vulnrichment
added 2024/03/15 3:6 p.m.10 views

CVE-2023-47162 IBM Secure Proxy cross-site scripting

IBM Sterling Secure Proxy 6.0.3 and 6.1.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 270973...

6.1CVSS6AI score0.00348EPSS
Exploits0References2
Cvelist
Cvelist
added 2024/03/15 3:6 p.m.22 views

CVE-2023-47162 IBM Secure Proxy cross-site scripting

IBM Sterling Secure Proxy 6.0.3 and 6.1.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 270973...

6.1CVSS5.9AI score0.00348EPSS
Exploits0References2
CVE
CVE
added 2024/03/15 3:6 p.m.55 views

CVE-2023-47162

CVE-2023-47162 affects IBM Sterling Secure Proxy versions 6.0.3 and 6.1.0 and is a cross-site scripting vulnerability in the Web UI that could allow embedding arbitrary JavaScript, potentially leading to credentials disclosure within a trusted session. The connected IBM and CNVD entries confirm t...

6.1CVSS5.8AI score0.00348EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2024/03/15 2:45 p.m.60 views

CVE-2023-46182

CVE-2023-46182 affects IBM Sterling Secure Proxy 6.0.3 and 6.1.0. The issue is a cross-site scripting vulnerability in the Web UI that lets an attacker embed arbitrary JavaScript, potentially leading to credential disclosure within a trusted session. Accessible in the Web UI, the vulnerability’s ...

5.4CVSS5.2AI score0.00362EPSS
Exploits0References2Affected Software1
Vulnrichment
Vulnrichment
added 2024/03/15 2:45 p.m.12 views

CVE-2023-46182 IBM Secure Proxy cross-site scripting

IBM Sterling Secure Proxy 6.0.3 and 6.1.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 269692...

5.4CVSS6.1AI score0.00362EPSS
Exploits0References2
CNNVD
CNNVD
added 2024/03/15 12:0 a.m.3 views

IBM Sterling Secure Proxy 跨站脚本漏洞

IBM Sterling Secure Proxy is an application proxy from International Business Machines IBM that is used to ensure the secure transfer of files in an organization's unprotected zone DMZ. A cross-site scripting vulnerability exists in IBM Sterling Secure Proxy versions 6.0.3 and 6.1.0, which stems...

5.4CVSS5.9AI score0.00362EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2024/03/15 12:0 a.m.3 views

PT-2024-13474 · Ibm · Ibm Sterling Secure Proxy

Name of the Vulnerable Software and Affected Versions: IBM Sterling Secure Proxy versions 6.0.3 through 6.1.0 Description: This issue allows users to embed arbitrary JavaScript code in the Web UI, potentially altering the intended functionality and leading to credentials disclosure within a trust...

6.1CVSS6.9AI score0.00348EPSS
Exploits0References6
CNNVD
CNNVD
added 2024/03/15 12:0 a.m.4 views

IBM Sterling Secure Proxy Security Vulnerability

IBM Sterling Secure Proxy is an application proxy from International Business Machines IBM used to ensure the secure transfer of files in an organization's unprotected zone DMZ. A security vulnerability exists in IBM Sterling Secure Proxy versions 6.0.3 and 6.1.0, which stems from a vulnerability...

5.9CVSS6.6AI score0.00415EPSS
Exploits0References3
Rows per page
Query Builder