333 matches found

Positive Technologies
added 2024/03/15 12:0 a.m. · 2 views

PT-2024-13474 · IBM · IBM Sterling Secure Proxy

Name of the Vulnerable Software and Affected Versions: IBM Sterling Secure Proxy versions 6.0.3 through 6.1.0 Description: This issue allows users to embed arbitrary JavaScript code in the Web UI, potentially altering the intended functionality and leading to credentials disclosure within a trust...

CVSS 6.1 · AI score 6.9 · EPSS 0.00348
Exploits 0 · References 6

CNNVD
added 2024/03/15 12:0 a.m. · 4 views

IBM Sterling Secure Proxy Security Vulnerability

IBM Sterling Secure Proxy is an application proxy from International Business Machines (IBM) that is used to ensure the secure transfer of files in an organization's unprotected zone (DMZ). An information disclosure vulnerability exists in IBM Sterling Secure Proxy versions 6.0.3 and 6.1.0, which...

CVSS 4 · AI score 6 · EPSS 0.0018
Exploits 0 · References 3

IBM Security Bulletins
added 2024/03/14 2:34 p.m. · 95 views

Security Bulletin: IBM Sterling Secure Proxy is vulnerable to multiple issues

Summary: Multiple vulnerabilities affect IBM Sterling Secure Proxy and are addressed in the latest release and iFix. Vulnerability Details: CVEID: CVE-2023-41900 DESCRIPTION: Eclipse Jetty could allow a remote authenticated attacker to bypass security restrictions, caused by improper authentication...

CVSS 8.8 · AI score 9.5 · EPSS 0.8581
Exploits 7 · Affected Software 1

Positive Technologies
added 2023/12/14 12:0 a.m. · 5 views

PT-2023-29889 · IBM · IBM Sterling Secure Proxy

Name of the Vulnerable Software and Affected Versions: IBM Sterling Secure Proxy versions 6.0.3 through 6.1.0 Description: This issue allows users to embed arbitrary JavaScript code in the Web UI, altering the intended functionality and potentially leading to credentials disclosure within a trust...

CVSS 5.4 · AI score 5.5 · EPSS 0.00362
Exploits 0 · References 16

IBM Security Bulletins
added 2023/09/07 5:31 p.m. · 42 views

Security Bulletin: IBM Sterling Secure Proxy is vulnerable to multiple issues

Summary: Multiple vulnerabilities affect IBM Sterling Secure Proxy and are addressed in the latest release and iFix. Vulnerability Details: CVEID: CVE-2023-26048 DESCRIPTION: Eclipse Jetty is vulnerable to a denial of service, caused by an out of memory flaw in the HttpServletRequest.getParameter or...

CVSS 9.8 · AI score 9.2 · EPSS 0.46836
Exploits 5 · Affected Software 1

OSV
added 2023/09/05 1:15 a.m. · 1 views

CVE-2023-29261

IBM Sterling Secure Proxy 6.0.3 and 6.1.0 could allow a local user with specific information about the system to obtain privileged information due to inadequate memory clearing during operations. IBM X-Force ID: 252139...

CVSS 5.5 · AI score 5.8 · EPSS 0.00162
Exploits 0 · References 3

NVD
added 2023/09/05 1:15 a.m. · 28 views

CVE-2023-29261

IBM Sterling Secure Proxy 6.0.3 and 6.1.0 could allow a local user with specific information about the system to obtain privileged information due to inadequate memory clearing during operations. IBM X-Force ID: 252139...

CVSS 5.5 · AI score 5.2 · EPSS 0.00162
Exploits 0 · References 3

Prion
added 2023/09/05 1:15 a.m. · 17 views

Information disclosure

IBM Sterling Secure Proxy 6.0.3 and 6.1.0 could allow a local user with specific information about the system to obtain privileged information due to inadequate memory clearing during operations. IBM X-Force ID: 252139...

CVSS 1.7 · AI score 5.8 · EPSS 0.00162
Exploits 0 · References 3 · Affected Software 1

NVD
added 2023/09/05 12:15 a.m. · 12 views

CVE-2023-32338

IBM Sterling Secure Proxy and IBM Sterling External Authentication Server 6.0.3 and 6.1.0 stores user credentials in plain clear text which can be read by a local user with container access. IBM X-Force ID: 255585...

CVSS 5.5 · AI score 5.9 · EPSS 0.0018
Exploits 0 · References 4

Vulnrichment
added 2023/09/05 12:0 a.m. · 18 views

CVE-2023-29261 IBM Sterling Secure Proxy information disclosure

IBM Sterling Secure Proxy 6.0.3 and 6.1.0 could allow a local user with specific information about the system to obtain privileged information due to inadequate memory clearing during operations. IBM X-Force ID: 252139...

CVSS 5.1 · AI score 5.7 · EPSS 0.00162
Exploits 0 · References 2

Cvelist
added 2023/09/05 12:0 a.m. · 16 views

CVE-2023-29261 IBM Sterling Secure Proxy information disclosure

IBM Sterling Secure Proxy 6.0.3 and 6.1.0 could allow a local user with specific information about the system to obtain privileged information due to inadequate memory clearing during operations. IBM X-Force ID: 252139...

CVSS 5.1 · AI score 5.1 · EPSS 0.00162
Exploits 0 · References 2

CVE
added 2023/09/05 12:0 a.m. · 43 views

CVE-2023-29261

CVE-2023-29261 affects IBM Sterling External Authentication Server versions 6.0.3 and 6.1.0. The issue is a local-information-disclosure vulnerability caused by inadequate memory clearing during operations, allowing a local user with system-specific information to obtain privileged data. Affected...

CVSS 5.5 · AI score 4.8 · EPSS 0.00162
Exploits 0 · References 3 · Affected Software 1

CNNVD
added 2023/09/05 12:0 a.m. · 4 views

IBM Sterling Secure Proxy Security Vulnerability

IBM Sterling Secure Proxy is an International Business Machines (IBM) application agent used to ensure the secure transfer of files in an organization's unprotected zone (DMZ). A security vulnerability exists in IBM Sterling Secure Proxy versions 6.0.3 and 6.1.0, which stems from an inadequate memory...

CVSS 5.5 · AI score 6.2 · EPSS 0.00162
Exploits 0 · References 3

Vulnrichment
added 2023/09/04 11:57 p.m. · 18 views

CVE-2023-32338 IBM Sterling Secure Proxy information disclosure

IBM Sterling Secure Proxy and IBM Sterling External Authentication Server 6.0.3 and 6.1.0 stores user credentials in plain clear text which can be read by a local user with container access. IBM X-Force ID: 255585...

CVSS 5.1 · AI score 6 · EPSS 0.0018
Exploits 0 · References 3

CVE
added 2023/09/04 11:57 p.m. · 44 views

CVE-2023-32338

CVE-2023-32338 affects IBM Sterling Secure Proxy and IBM Sterling External Authentication Server (versions 6.0.3 and 6.1.0). The root cause is storing user credentials in plain text, readable by a local user with container access. Reported impact is credential disclosure with high confidentiality...

CVSS 5.5 · AI score 4.9 · EPSS 0.0018
Exploits 0 · References 4 · Affected Software 2

Cvelist
added 2023/09/04 11:57 p.m. · 17 views

CVE-2023-32338 IBM Sterling Secure Proxy information disclosure

IBM Sterling Secure Proxy and IBM Sterling External Authentication Server 6.0.3 and 6.1.0 stores user credentials in plain clear text which can be read by a local user with container access. IBM X-Force ID: 255585...

CVSS 5.1 · AI score 5.2 · EPSS 0.0018
Exploits 0 · References 3

Positive Technologies
added 2023/09/04 12:0 a.m. · 4 views

PT-2023-23735 · IBM · IBM Sterling Secure Proxy +1

Name of the Vulnerable Software and Affected Versions: IBM Sterling Secure Proxy and IBM Sterling External Authentication Server versions 6.0.3 through 6.1.0 Description: The issue allows a local user with container access to read user credentials stored in plain clear text. Recommendations: For...

CVSS 5.5 · AI score 5.1 · EPSS 0.0018
Exploits 0 · References 8

Positive Technologies
added 2023/09/04 12:0 a.m. · 3 views

PT-2023-22227 · IBM · IBM Sterling Secure Proxy

Name of the Vulnerable Software and Affected Versions: IBM Sterling Secure Proxy versions 6.0.3 through 6.1.0 Description: The issue allows a local user with specific information about the system to obtain privileged information due to inadequate memory clearing during operations. Recommendations...

CVSS 5.5 · AI score 5.1 · EPSS 0.00162
Exploits 0 · References 7

IBM Security Bulletins
added 2023/04/28 9:26 p.m. · 44 views

Security Bulletin: IBM Sterling Secure Proxy is vulnerable to multiple vulnerabilities due to IBM Java Runtime

Summary There are multiple vulnerabilities in IBM® Runtime Environment Java™ Version 1.8 used by IBM Sterling Secure Proxy. IBM Sterling Secure Proxy has addressed the applicable CVEs. Vulnerability Details CVEID:CVE-2022-21426 DESCRIPTION: An unspecified vulnerability in Java SE related to the...

CVSS 6.5 · AI score 6.4 · EPSS 0.03028
Exploits 0 · Affected Software 1

BDU FSTEC
added 2023/02/21 12:0 a.m. · 4 views

The vulnerability of the IBM Sterling Secure Proxy proxy server, related to insufficient validation of input data, allows attackers to perform cross-site scripting attacks.

The vulnerability of the IBM Sterling Secure Proxy proxy server is related to insufficient validation of input data when processing HOST headers. Exploiting this vulnerability allows a malicious actor to perform cross-site scripting attacks remotely...

CVSS 4.7 · AI score 5.2 · EPSS 0.00365
Exploits 0 · References 4 · Affected Software 1