Lucene search
K

335 matches found

Positive Technologies
Positive Technologies
added 2022/05/17 12:0 a.m.9 views

PT-2022-9929 · Ibm · Ibm Secure External Authentication Server +1

Name of the Vulnerable Software and Affected Versions: IBM Sterling Secure Proxy version 6.0.3 IBM Secure External Authentication Server version 6.0.3 Description: The issue arises from improper validation of certificates, which fails to ensure that a certificate is actually associated with the...

5.3CVSS5.2AI score0.00808EPSS
Exploits0References6
IBM Security Bulletins
IBM Security Bulletins
added 2022/05/16 9:34 p.m.44 views

Security Bulletin: IBM Sterling Secure Proxy is vulnerable to multiple vulnerabilities due to IBM Java Runtime

Summary There are multiple vulnerabilities in IBM® Runtime Environment Java™ Version 1.8 used by IBM Sterling Secure Proxy. IBM Sterling Secure Proxy has addressed the applicable CVEs. Vulnerability Details CVEID: CVE-2021-35603 DESCRIPTION: An unspecified vulnerability in Java SE related to the...

7.1CVSS2.4AI score0.06868EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2022/05/16 9:28 p.m.25 views

Security Bulletin: IBM Sterling External Authentication Server is vulnerable to improper validation of certificates

Summary IBM Sterling External Authentication Server does not properly ensure that a certificate is actually associated with the host due to improper validation of certificates. Vulnerability Details CVEID: CVE-2021-29726 DESCRIPTION: IBM Sterling Secure Proxy does not properly ensure that a...

5.3CVSS2AI score0.00808EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2022/05/16 9:21 p.m.34 views

Security Bulletin: IBM Sterling Secure Proxy is vulnerable to improper validation of certificates (CVE-2021-29726)

Summary IBM Sterling Secure Proxy does not properly ensure that a certificate is actually associated with the host due to improper validation of certificates. Vulnerability Details CVEID: CVE-2021-29726 DESCRIPTION: IBM Sterling Secure Proxy does not properly ensure that a certificate is actually...

5.3CVSS1.9AI score0.00808EPSS
Exploits0Affected Software1
Fedora
Fedora
added 2022/05/07 5:6 a.m.28 views

[SECURITY] Fedora 36 Update: golang-k8s-kube-aggregator-1.22.0-3.fc36

Aggregator for Kubernetes-style API servers: dynamic registration, discovery summarization, secure proxy...

7.5CVSS3.2AI score0.03931EPSS
Exploits0
OpenVAS
OpenVAS
added 2022/04/29 12:0 a.m.17 views

Fedora: Security Advisory for golang-k8s-kube-aggregator (FEDORA-2022-3a63897745)

The remote host is missing an update for the Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

7.5CVSS10AI score0.03931EPSS
Exploits0References2
CNVD
CNVD
added 2022/02/25 12:0 a.m.24 views

IBM Sterling Secure Proxy缓冲区溢出漏洞

IBM Sterling Secure Proxy, an IBM application proxy for securing file transfers in an organization's unprotected zone DMZ, secures trusted zones with multi-factor authentication, SSL session interruption, inbound firewall vulnerability patching, protocol checking, and other controls.IBM Sterling...

6.5CVSS1AI score0.00576EPSS
Exploits0References1
CNVD
CNVD
added 2022/02/25 12:0 a.m.32 views

IBM Sterling External Authentication Server and IBM Sterling Secure Proxy Denial of Service Vulnerability

IBM Sterling External Authentication Server and IBM Sterling Secure Proxy are both products of International Business Machines Corporation IBM. IBM Sterling External Authentication Server and IBM Sterling External Authentication Server and IBM Sterling Secure Proxy have a denial of service...

7.5CVSS3.4AI score0.01968EPSS
Exploits0References1
NVD
NVD
added 2022/02/23 8:15 p.m.22 views

CVE-2022-22336

IBM Sterling External Authentication Server and IBM Sterling Secure Proxy 6.0.3.0, 6.0.2.0, and 3.4.3.2 could allow a remote user to consume resources causing a denial of service due to a resource leak. IBM X-Force ID: 219395...

7.5CVSS0.01968EPSS
Exploits0References2
OSV
OSV
added 2022/02/23 8:15 p.m.4 views

CVE-2022-22333

IBM Sterling Secure Proxy 6.0.3.0, 6.0.2.0, and 3.4.3.2 and IBM Sterling External Authentication Server are vulnerable a buffer overflow, due to the Jetty based GUI in the Secure Zone not properly validating the sizes of the form content and/or HTTP headers submitted. A local attacker positioned...

6.5CVSS6.9AI score0.00576EPSS
Exploits0References2
OSV
OSV
added 2022/02/23 8:15 p.m.2 views

CVE-2022-22336

IBM Sterling External Authentication Server and IBM Sterling Secure Proxy 6.0.3.0, 6.0.2.0, and 3.4.3.2 could allow a remote user to consume resources causing a denial of service due to a resource leak. IBM X-Force ID: 219395...

7.5CVSS5.8AI score0.01968EPSS
Exploits0References2
Prion
Prion
added 2022/02/23 8:15 p.m.16 views

Buffer overflow

IBM Sterling Secure Proxy 6.0.3.0, 6.0.2.0, and 3.4.3.2 and IBM Sterling External Authentication Server are vulnerable a buffer overflow, due to the Jetty based GUI in the Secure Zone not properly validating the sizes of the form content and/or HTTP headers submitted. A local attacker positioned...

3.3CVSS6.5AI score0.00576EPSS
Exploits0References2Affected Software2
Cvelist
Cvelist
added 2022/02/23 7:45 p.m.16 views

CVE-2022-22336

IBM Sterling External Authentication Server and IBM Sterling Secure Proxy 6.0.3.0, 6.0.2.0, and 3.4.3.2 could allow a remote user to consume resources causing a denial of service due to a resource leak. IBM X-Force ID: 219395...

7.5CVSS7.3AI score0.01968EPSS
Exploits0References2
CVE
CVE
added 2022/02/23 7:45 p.m.169 views

CVE-2022-22336

IBM Sterling External Authentication Server and IBM Sterling Secure Proxy are affected by CVE-2022-22336. The vulnerability allows a remote attacker to cause a denial of service through a resource leak in the affected components. Affected products/versions include IBM Sterling Secure Proxy 6.0.3....

7.5CVSS7.3AI score0.01968EPSS
Exploits0References2Affected Software2
CVE
CVE
added 2022/02/23 7:45 p.m.127 views

CVE-2022-22333

CVE-2022-22333 affects IBM Sterling Secure Proxy and IBM Sterling External Authentication Server. Root cause: Jetty-based GUI in the Secure Zone does not properly validate the sizes of form content and/or HTTP headers, enabling a local attacker inside the Secure Zone to trigger a denial-of-servic...

6.5CVSS6.5AI score0.00576EPSS
Exploits0References2Affected Software2
IBM Security Bulletins
IBM Security Bulletins
added 2022/02/23 4:6 a.m.33 views

Security Bulletin: Multiple Vulnerabilities were detected in IBM Sterling Secure Proxy (CVE-2022-22336, CVE-2022-22333)

Summary There are multiple vulnerabilities in IBM Sterling Secure Proxy detected by internal scans. IBM Sterling Secure Proxy has addressed the applicable CVEs. Vulnerability Details CVEID: CVE-2022-22336 DESCRIPTION: IBM Sterling External Authentication Serverand IBM Sterling Secure Proxy could...

7.5CVSS6.8AI score0.01968EPSS
Exploits0Affected Software1
CNNVD
CNNVD
added 2022/02/23 12:0 a.m.3 views

IBM Sterling External Authentication Server和IBM Sterling Secure Proxy 安全漏洞

IBM Sterling External Authentication Server and IBM Sterling Secure Proxy are both products of International Business Machines Corporation IBM. IBM Sterling External Authentication Server and IBM Sterling External Authentication Server and IBM Sterling Secure Proxy have a denial of service...

7.5CVSS5.7AI score0.01968EPSS
Exploits0References4
CNNVD
CNNVD
added 2022/02/23 12:0 a.m.5 views

IBM Sterling Secure Proxy 安全漏洞

IBM Sterling Secure Proxy, an IBM application proxy for securing file transfers in an organization's unprotected zone DMZ, secures trusted zones with multi-factor authentication, SSL session interruption, inbound firewall vulnerability patching, protocol checking, and other controls.IBM Sterling...

6.5CVSS5.6AI score0.00576EPSS
Exploits0References4
ATTACKERKB
ATTACKERKB
added 2022/02/22 12:0 a.m.6 views

CVE-2022-22333

IBM Sterling Secure Proxy 6.0.3.0, 6.0.2.0, and 3.4.3.2 and IBM Sterling External Authentication Server are vulnerable a buffer overflow, due to the Jetty based GUI in the Secure Zone not properly validating the sizes of the form content and/or HTTP headers submitted. A local attacker positioned...

6.5CVSS7AI score0.00576EPSS
Exploits0References3Affected Software1
ATTACKERKB
ATTACKERKB
added 2022/02/22 12:0 a.m.7 views

CVE-2022-22336

IBM Sterling External Authentication Server and IBM Sterling Secure Proxy 6.0.3.0, 6.0.2.0, and 3.4.3.2 could allow a remote user to consume resources causing a denial of service due to a resource leak. IBM X-Force ID: 219395...

7.5CVSS7.2AI score0.01968EPSS
Exploits0References3Affected Software1
Rows per page
Query Builder