Lucene search
K
Database
Vendors
Products
Timeline
Vulnerabilities
Perimeter Scanner
Scanning
Projects
Scanner
Agent Scanning
API Scanning
Manual Audit
Email
Webhook
Resources
Documents
Blog
Glossary
FAQ
Plugins
Pricing
Contacts
About Us
Partners
Branding Guideline
Settings
Sign in
IbmSterling Secure Proxy6.1.0

9 matches found

CVE
CVEadded 2024/03/15 3:15 p.m.52 views

CVE-2023-46179

IBM Sterling Secure Proxy 6.0.3 and 6.1.0 does not set the secure attribute on authorization tokens or session cookies. Attackers may be able to get the cookie values by sending a http:// link to a user or by planting this link in a site the user goes to. The cookie will be sent to the insecure lin...

4.3CVSS4.1AI score0.00026EPSS
CVE
CVEadded 2024/11/15 4:15 p.m.51 views

CVE-2024-41784

IBM Sterling Secure Proxy 6.0.0.0, 6.0.0.1, 6.0.0.2, 6.0.0.3, and 6.1.0.0 could allow a remote attacker to traverse directories on the system. An attacker could send a specially crafted URL request containing "dot dot dot" sequences (/.../) to view arbitrary files on the system.

7.5CVSS7.4AI score0.00102EPSS
CVE
CVEadded 2024/03/15 4:15 p.m.50 views

CVE-2023-47699

IBM Sterling Secure Proxy 6.0.3 and 6.1.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 270974.

6.1CVSS5.8AI score0.00111EPSS
CVE
CVEadded 2024/03/15 3:15 p.m.48 views

CVE-2023-46182

IBM Sterling Secure Proxy 6.0.3 and 6.1.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 269692.

5.4CVSS5.2AI score0.00099EPSS
CVE
CVEadded 2024/03/15 3:15 p.m.45 views

CVE-2023-47162

IBM Sterling Secure Proxy 6.0.3 and 6.1.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 270973.

6.1CVSS5.8AI score0.00111EPSS
CVE
CVEadded 2024/03/15 4:15 p.m.42 views

CVE-2023-46181

IBM Sterling Secure Proxy 6.0.3 and 6.1.0 allows web pages to be stored locally which can be read by another user on the system. IBM X-Force ID: 269686.

4CVSS3.4AI score0.0002EPSS
CVE
CVEadded 2024/03/15 4:15 p.m.42 views

CVE-2023-47147

IBM Sterling Secure Proxy 6.0.3 and 6.1.0 could allow an attacker to overwrite a log message under specific conditions. IBM X-Force ID: 270598.

5.9CVSS5.2AI score0.00053EPSS
CVE
CVEadded 2023/09/05 12:15 a.m.34 views

CVE-2023-32338

IBM Sterling Secure Proxy and IBM Sterling External Authentication Server 6.0.3 and 6.1.0 stores user credentials in plain clear text which can be read by a local user with container access. IBM X-Force ID: 255585.

5.5CVSS4.9AI score0.00019EPSS
CVE
CVEadded 2023/09/05 1:15 a.m.33 views

CVE-2023-29261

IBM Sterling Secure Proxy 6.0.3 and 6.1.0 could allow a local user with specific information about the system to obtain privileged information due to inadequate memory clearing during operations. IBM X-Force ID: 252139.

5.5CVSS4.8AI score0.00016EPSS