Sterling Control Center@6.3.1 Security Vulnerabilities and Issues — Sterling Control Center@6.3.1 CVE List

Lucene search

IbmSterling Control Center6.3.1

3 matches found

CVE•added 2025/03/07 5:15 p.m.•39 views

CVE-2023-35894

IBM Control Center 6.2.1 through 6.3.1 is vulnerable to HTTP header injection, caused by improper validation of input by the HOST headers. This could allow an attacker to conduct various attacks against the vulnerable system, including cross-site scripting, cache poisoning or session hijacking.

6.1CVSS6.8AI score0.00045EPSS

CVE•added 2025/04/10 2:15 p.m.•37 views

CVE-2023-43035

IBM Sterling Control Center 6.2.1, 6.3.1, and 6.4.0 allows web pages to be stored locally which can be read by another user on the system.

4CVSS4AI score0.00016EPSS

CVE•added 2025/04/10 2:15 p.m.•36 views

CVE-2023-42007

IBM Sterling Control Center 6.2.1, 6.3.1, and 6.4.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session.

5.4CVSS5.2AI score0.00036EPSS