333 matches found
PT-2024-29563 · Ibm · Ibm Sterling Secure Proxy
Name of the Vulnerable Software and Affected Versions: IBM Sterling Secure Proxy versions 6.0.0.0 through 6.1.0.0 Description: The issue allows a remote attacker to traverse directories on the system. An attacker could send a specially crafted URL request containing "dot dot" sequences /../ to vi...
PT-2024-10279 · Ibm · Ibm Sterling Secure Proxy
Name of the Vulnerable Software and Affected Versions: IBM Sterling Secure Proxy versions 6.0.0.0 through 6.2.0.0 Description: The issue is related to improper validation of a specified type of input, which can allow a privileged user to inject commands into the underlying operating system. This...
PT-2024-10280 · Ibm · Ibm Sterling Secure Proxy
Name of the Vulnerable Software and Affected Versions: IBM Sterling Secure Proxy versions 6.0.0.0 through 6.2.0.0 Description: The issue is related to incorrect permission assignments for a critical resource in the IBM Sterling Secure Proxy. This could allow an unauthorized attacker to retrieve o...
Trend Micro Apex One Security Proxy Link Vulnerability
Trend Micro Apex One is an endpoint protection software from Trend Micro. Trend Micro Apex One suffers from a Secure Proxy Link vulnerability that stems from a Secure Proxy Link vulnerability that can be exploited by a local attacker to elevate privileges...
Trend Micro Apex One 安全漏洞
Trend Micro Apex One is an endpoint protection software from Trend Micro. Trend Micro Apex One suffers from a Secure Proxy Link vulnerability that stems from a Secure Proxy Link vulnerability that can be exploited by a local attacker to elevate privileges...
IBM Sterling Secure Proxy Information Disclosure Vulnerability (CNVD-2024-14665)
IBM Sterling Secure Proxy is an application proxy from International Business Machines IBM that is used to ensure the secure transfer of files in an organization's unprotected zone DMZ. An information disclosure vulnerability exists in IBM Sterling Secure Proxy versions 6.0.3 and 6.1.0, which...
IBM Sterling Secure Proxy Cross-Site Scripting Vulnerability
IBM Sterling Secure Proxy is an application proxy from International Business Machines IBM that is used to ensure the secure transfer of files in an organization's unprotected zone DMZ. A cross-site scripting vulnerability exists in IBM Sterling Secure Proxy versions 6.0.3 and 6.1.0. An attacker...
IBM Sterling Secure Proxy Cross-Site Scripting Vulnerability (CNVD-2024-15368)
IBM Sterling Secure Proxy is an application proxy from International Business Machines IBM that is used to ensure the secure transfer of files in an organization's unprotected zone DMZ. A cross-site scripting vulnerability exists in IBM Sterling Secure Proxy versions 6.0.3 and 6.1.0, which stems...
IBM Sterling Secure Proxy Cross-Site Scripting Vulnerability (CNVD-2024-15367)
IBM Sterling Secure Proxy is an application proxy from International Business Machines IBM that is used to ensure the secure transfer of files in an organization's unprotected zone DMZ. A cross-site scripting vulnerability exists in IBM Sterling Secure Proxy versions 6.0.3 and 6.1.0. An attacker...
IBM Sterling Secure Proxy Information Disclosure Vulnerability
IBM Sterling Secure Proxy is an application proxy from International Business Machines IBM that is used to ensure the secure transfer of files in an organization's unprotected zone DMZ. An information disclosure vulnerability exists in IBM Sterling Secure Proxy that stems from not setting a...
CVE-2023-47699
IBM Sterling Secure Proxy 6.0.3 and 6.1.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 270974...
CVE-2023-47147
IBM Sterling Secure Proxy 6.0.3 and 6.1.0 could allow an attacker to overwrite a log message under specific conditions. IBM X-Force ID: 270598...
CVE-2023-46181
IBM Sterling Secure Proxy 6.0.3 and 6.1.0 allows web pages to be stored locally which can be read by another user on the system. IBM X-Force ID: 269686...
CVE-2023-46179
IBM Sterling Secure Proxy 6.0.3 and 6.1.0 does not set the secure attribute on authorization tokens or session cookies. Attackers may be able to get the cookie values by sending a http:// link to a user or by planting this link in a site the user goes to. The cookie will be sent to the insecure...
CVE-2023-46182
IBM Sterling Secure Proxy 6.0.3 and 6.1.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 269692...
CVE-2023-47162
IBM Sterling Secure Proxy 6.0.3 and 6.1.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 270973...
CVE-2023-46182
IBM Sterling Secure Proxy 6.0.3 and 6.1.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 269692...
CVE-2023-46179
IBM Sterling Secure Proxy 6.0.3 and 6.1.0 does not set the secure attribute on authorization tokens or session cookies. Attackers may be able to get the cookie values by sending a http:// link to a user or by planting this link in a site the user goes to. The cookie will be sent to the insecure...
CVE-2023-47162
IBM Sterling Secure Proxy 6.0.3 and 6.1.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 270973...
CVE-2023-46181 IBM Secure Proxy information disclosure
IBM Sterling Secure Proxy 6.0.3 and 6.1.0 allows web pages to be stored locally which can be read by another user on the system. IBM X-Force ID: 269686...