Lucene search
K

12 matches found

IBM Security Bulletins
IBM Security Bulletins
added 2022/09/25 10:39 p.m.31 views

Security Bulletin: Potential Denial of Service (DoS) security vulnerability in IBM Sterling Connect:Enterprise for UNIX

Abstract Potential Denial of Service DoS security vulnerability in IBM Sterling Connect:Enterprise for UNIX due to a Java HashTable security vulnerability in Jetty CVE-2011-4461. Content SUMMARY: Potential Denial of Service DoS security vulnerability in IBM Sterling Connect:Enterprise for UNIX du...

5.3CVSS5.3AI score0.05044EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2022/09/25 8:45 p.m.57 views

Security Bulletin: IBM Sterling Connect:Enterprise for UNIX is affected by multiple vulnerabilities in OpenSSL

Abstract A number of security vulnerabilities have been discovered in the OpenSSL libraries included in IBM Sterling Connect:Enterprise for UNIX. Content VULNERABILITY DETAILS: CVE IDs : CVE-2012-2131 CVE-2012-2110 CVE-2012-0884 CVE-2012-0050 CVE-2011-4108 CVE-2011-4576 CVE-2011-4577 CVE-2011-461...

9.3CVSS7.2AI score0.54372EPSS
Exploits12Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2019/12/18 1:14 a.m.15 views

Security Bulletin: Cross frame scripting vulnerability in Connect:Enterprise HTTP (CVE-2013-6327)

Summary IBM Sterling Connect:Enterprise HTTP Option is vulnerable to cross frame scripting attacks. Vulnerability Details CVE ID: CVE-2013-6327 DESCRIPTION: IBM Sterling Connect:Enterprise HTTP Option could allow a cross-frame scripting attack, caused by improper validation of input within a fram...

4.3CVSS0.3AI score0.00931EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2019/12/18 1:14 a.m.36 views

Security Bulletin: Vulnerability in OpenSSL affects Sterling Connect:Enterprise for UNIX (CVE-2016-0800).

Summary OpenSSL vulnerabilities were disclosed on March 1, 2016 by the OpenSSL Project. OpenSSL is used by Sterling Connect:Enterprise for UNIX. Sterling Connect:Enterprise for UNIX has addressed the applicable CVE, the “DROWN: Decrypting RSA with Obsolete and Weakened eNcryption" vulnerability...

5.9CVSS0.2AI score0.82112EPSS
Exploits2Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2019/12/18 1:14 a.m.28 views

Security Bulletin: Sterling Connect:Enterprise For UNIX and Sterling Connect:Enterprise clients are affected by the POODLE and OpenSSL vulnerabilities (CVE-2014-3566, CVE-2014-3567)

Summary SSLv3 contains a vulnerability that has been referred to as the Padding Oracle On Downgraded Legacy Encryption POODLE attack. SSLv3 is enabled in Sterling Connect:Enterprise For UNIX, Sterling Connect:Enterprise Command Line Client, Sterling Connect:Enterprise HTTP Option, and Sterling...

7.1CVSS0.3AI score0.99999EPSS
Exploits7Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2019/12/18 1:14 a.m.18 views

Security Bulletin: Vulnerability in Diffie-Hellman ciphers affects Sterling Connect:Enterprise for UNIX (CVE-2015-4000)

Summary The Logjam Attack on TLS connections using the Diffie-Hellman DH key exchange protocol affects Sterling Connect:Enterprise for UNIX when using the AS2 or WebDAV protocols. Vulnerability Details CVEID: CVE-2015-4000 DESCRIPTION: The TLS protocol could allow a remote attacker to obtain...

4.3CVSS0.2AI score0.9986EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2019/12/18 1:14 a.m.35 views

Security Bulletin: IBM Sterling Connect:Enterprise for UNIX affected by the following OpenSSL vulnerability (CVE-2014-0224).

Summary Security vulnerabilities have been discovered in OpenSSL that were reported on June 5, 2014 by the OpenSSL Project. Vulnerability Details CVE ID: CVE-2014-0224 DESCRIPTION: OpenSSL is vulnerable to a man-in-the-middle attack, caused by the use of weak keying material in SSL/TLS clients an...

7.4CVSS0.5AI score0.95326EPSS
Exploits9Affected Software1
NVD
NVD
added 2013/12/17 3:21 p.m.13 views

CVE-2013-6327

Cross-site scripting XSS vulnerability in the HTTP Option in IBM Sterling Connect:Enterprise 1.3 before 1.3.0.2 iFix 1 and 1.4 before 1.4.0.0 iFix 1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, related to a "cross-frame scripting" issue...

4.3CVSS5.5AI score0.00931EPSS
Exploits1References2
Prion
Prion
added 2013/12/17 3:21 p.m.11 views

Cross site scripting

Cross-site scripting XSS vulnerability in the HTTP Option in IBM Sterling Connect:Enterprise 1.3 before 1.3.0.2 iFix 1 and 1.4 before 1.4.0.0 iFix 1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, related to a "cross-frame scripting" issue...

4.3CVSS6AI score0.00931EPSS
Exploits1References2Affected Software1
Cvelist
Cvelist
added 2013/12/17 11:0 a.m.20 views

CVE-2013-6327

Cross-site scripting XSS vulnerability in the HTTP Option in IBM Sterling Connect:Enterprise 1.3 before 1.3.0.2 iFix 1 and 1.4 before 1.4.0.0 iFix 1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, related to a "cross-frame scripting" issue...

5.5AI score0.00931EPSS
Exploits1References2
CVE
CVE
added 2013/12/17 11:0 a.m.41 views

CVE-2013-6327

IBM Sterling Connect:Enterprise HTTP Option is affected by CVE-2013-6327, a cross-frame scripting vulnerability in which input within a frame is improperly validated, allowing a remote attacker to inject arbitrary script or HTML. Affected versions are 1.3.0.2 and 1.4.0.0; remediation is to apply ...

4.3CVSS5.7AI score0.00931EPSS
Exploits1References2Affected Software1
seebug.org
seebug.org
added 2013/12/17 12:0 a.m.24 views

IBM Sterling Connect:Enterprise跨站脚本漏洞

CVE ID:CVE-2013-6327 IBM Sterling Connect是一款点到点文件传输软件,可实现企业内和企业间的大容量、安全可靠的文件交付。 IBM Sterling Connect:Enterprise存在一个未明跨站脚本漏洞,允许远程攻击者利用漏洞注入恶意脚本或HTML代码,当恶意数据被查看时可获取敏感信息或者劫持用户会话。 0 IBM Sterling Connect:Enterprise 1.3.0.2 IBM Sterling Connect:Enterprise 1.4.0.0. 厂商补丁: IBM ----- IBM Sterling Connect...

4.3CVSS6.6AI score0.00931EPSS
Exploits1
Rows per page
Query Builder