Sterling Secure Proxy@3.4.3.2 Security Vulnerabilities and Issues — Sterling Secure Proxy@3.4.3.2 CVE List

Lucene search

IbmSterling Secure Proxy3.4.3.2

6 matches found

CVE•added 2022/02/23 8:15 p.m.•156 views

CVE-2022-22336

IBM Sterling External Authentication Server and IBM Sterling Secure Proxy 6.0.3.0, 6.0.2.0, and 3.4.3.2 could allow a remote user to consume resources causing a denial of service due to a resource leak. IBM X-Force ID: 219395.

7.5CVSS7.3AI score0.0194EPSS

CVE•added 2022/02/23 8:15 p.m.•115 views

CVE-2022-22333

IBM Sterling Secure Proxy 6.0.3.0, 6.0.2.0, and 3.4.3.2 and IBM Sterling External Authentication Server are vulnerable a buffer overflow, due to the Jetty based GUI in the Secure Zone not properly validating the sizes of the form content and/or HTTP headers submitted. A local attacker positioned in...

6.5CVSS6.5AI score0.00648EPSS

CVE•added 2021/08/30 5:15 p.m.•51 views

CVE-2021-29723

IBM Sterling Secure Proxy 6.0.1, 6.0.2, 2.4.3.2, and 3.4.3.2 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-ForceID: 201100.

7.5CVSS7.3AI score0.00142EPSS

CVE•added 2021/07/15 4:15 p.m.•40 views

CVE-2021-29725

IBM Secure External Authentication Server 2.4.3.2, 6.0.1, 6.0.2 and IBM Secure Proxy 3.4.3.2, 6.0.1, 6.0.2 could allow a remote user to consume resources causing a denial of service due to a resource leak.

7.5CVSS7.3AI score0.02028EPSS

CVE•added 2021/08/30 5:15 p.m.•36 views

CVE-2021-29728

IBM Sterling Secure Proxy 6.0.1, 6.0.2, 2.4.3.2, and 3.4.3.2 contains hard-coded credentials, such as a password or cryptographic key, which it uses for its own inbound authentication, outbound communication to external components, or encryption of internal data. IBM X-Force ID: 201160.

4.9CVSS5.8AI score0.00088EPSS

CVE•added 2021/08/30 5:15 p.m.•30 views

CVE-2021-29722

7.5CVSS7.2AI score0.00142EPSS