Lucene search
Sterling External Authentication Server Security Vulnerabilities - 2020
cve
A Command Execution Vulnerability exists in IBM Sterling External Authentication Server 2.2.0, 2.3.01, 2.4.0, and 2.4.1 via an unspecified OS command, which could let a local malicious user execute arbitrary code.
7.8CVSS
7.8AI Score
0.0005EPSS
2020-02-11 06:15 PM
22
cve
IBM Sterling External Authentication Server 6.0.1, 6.0.0, 2.4.3.2, and 2.4.2 and IBM Sterling Secure Proxy 6.0.1, 6.0.0, 3.4.3, and 3.4.2 are vulnerable to an XML External Entity Injection (XXE) attack when processing XML data. A remote attacker could exploit this vulnerability to expose sensitive ...
8.2CVSS
8AI Score
0.003EPSS
2020-07-16 03:15 PM
21