Sterling Control Center Security Vulnerabilities and Issues — Sterling Control Center CVE List

Lucene search

IbmSterling Control Center

3 matches found

CVE•added 2025/04/10 2:15 p.m.•36 views

CVE-2023-42007

IBM Sterling Control Center 6.2.1, 6.3.1, and 6.4.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session.

5.4CVSS5.2AI score0.00036EPSS

CVE•added 2016/07/08 1:59 a.m.•34 views

CVE-2016-0252

IBM Control Center 6.x before 6.0.0.1 iFix06 and Sterling Control Center 5.4.x before 5.4.2.1 iFix09 allow local users to decrypt the master key via unspecified vectors.

5.1CVSS4.9AI score0.0005EPSS

CVE•added 2024/01/19 1:15 a.m.•28 views

CVE-2023-35020

IBM Sterling Control Center 6.3.0 could allow a remote attacker to traverse directories on the system. An attacker could send a specially crafted URL request containing "dot dot" sequences (/../) to view arbitrary files on the system. IBM X-Force ID: 257874.

5.4CVSS5.2AI score0.00049EPSS