Sterling Secure Proxy@6.0.0.0 Security Vulnerabilities and Issues — Sterling Secure Proxy@6.0.0.0 CVE List

Lucene search

IbmSterling Secure Proxy6.0.0.0

4 matches found

CVE•added 2025/01/19 3:15 p.m.•89 views

CVE-2024-41783

IBM Sterling Secure Proxy 6.0.0.0, 6.0.0.1, 6.0.0.2, 6.0.0.3, 6.1.0.0, and 6.2.0.0 could allow a privileged user to inject commands into the underlying operating system due to improper validation of a specified type of input.

9.1CVSS6.7AI score0.00064EPSS

CVE•added 2025/01/19 3:15 p.m.•75 views

CVE-2024-38337

IBM Sterling Secure Proxy 6.0.0.0, 6.0.0.1, 6.0.0.2, 6.0.0.3, 6.1.0.0, and 6.2.0.0 could allow an unauthorized attacker to retrieve or alter sensitive information contents due to incorrect permission assignments.

9.1CVSS6.3AI score0.00052EPSS

CVE•added 2024/11/15 4:15 p.m.•51 views

CVE-2024-41784

IBM Sterling Secure Proxy 6.0.0.0, 6.0.0.1, 6.0.0.2, 6.0.0.3, and 6.1.0.0 could allow a remote attacker to traverse directories on the system. An attacker could send a specially crafted URL request containing "dot dot dot" sequences (/.../) to view arbitrary files on the system.

7.5CVSS7.4AI score0.00102EPSS

CVE•added 2020/07/16 3:15 p.m.•31 views

CVE-2020-4462

IBM Sterling External Authentication Server 6.0.1, 6.0.0, 2.4.3.2, and 2.4.2 and IBM Sterling Secure Proxy 6.0.1, 6.0.0, 3.4.3, and 3.4.2 are vulnerable to an XML External Entity Injection (XXE) attack when processing XML data. A remote attacker could exploit this vulnerability to expose sensitive ...

8.2CVSS8AI score0.00977EPSS