Sterling Secure Proxy Security Vulnerabilities and Issues — Sterling Secure Proxy CVE List

Lucene search

IbmSterling Secure Proxy

9 matches found

CVE•added 2022/02/23 8:15 p.m.•156 views

CVE-2022-22336

IBM Sterling External Authentication Server and IBM Sterling Secure Proxy 6.0.3.0, 6.0.2.0, and 3.4.3.2 could allow a remote user to consume resources causing a denial of service due to a resource leak. IBM X-Force ID: 219395.

7.5CVSS7.3AI score0.0194EPSS

CVE•added 2021/08/30 5:15 p.m.•51 views

CVE-2021-29723

IBM Sterling Secure Proxy 6.0.1, 6.0.2, 2.4.3.2, and 3.4.3.2 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-ForceID: 201100.

7.5CVSS7.3AI score0.00142EPSS

CVE•added 2024/11/15 4:15 p.m.•51 views

CVE-2024-41784

IBM Sterling Secure Proxy 6.0.0.0, 6.0.0.1, 6.0.0.2, 6.0.0.3, and 6.1.0.0 could allow a remote attacker to traverse directories on the system. An attacker could send a specially crafted URL request containing "dot dot dot" sequences (/.../) to view arbitrary files on the system.

7.5CVSS7.4AI score0.00102EPSS

CVE•added 2022/12/06 6:15 p.m.•45 views

CVE-2022-34361

IBM Sterling Secure Proxy 6.0.3 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 230522.

7.5CVSS6.3AI score0.00029EPSS

CVE•added 2025/05/28 4:15 p.m.•45 views

CVE-2024-51453

IBM Sterling Secure Proxy 6.2.0.0 through 6.2.0.1 could allow a remote attacker to traverse directories on the system. An attacker could send a specially crafted URL request containing "dot dot" sequences (/../) to view arbitrary files on the system.

7.5CVSS4.6AI score0.00064EPSS

CVE•added 2025/05/28 4:15 p.m.•44 views

CVE-2024-38341

IBM Sterling Secure Proxy 6.0.0.0 through 6.0.3.1, 6.1.0.0 through 6.1.0.0, and 6.2.0.0 through 6.2.0.1 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information.

7.5CVSS5.6AI score0.00018EPSS

CVE•added 2021/07/15 4:15 p.m.•40 views

CVE-2021-29725

IBM Secure External Authentication Server 2.4.3.2, 6.0.1, 6.0.2 and IBM Secure Proxy 3.4.3.2, 6.0.1, 6.0.2 could allow a remote user to consume resources causing a denial of service due to a resource leak.

7.5CVSS7.3AI score0.02028EPSS

CVE•added 2016/10/06 10:59 a.m.•32 views

CVE-2016-6023

Directory traversal vulnerability in the Configuration Manager in IBM Sterling Secure Proxy (SSP) 3.4.2 before 3.4.2.0 iFix 8 and 3.4.3 before 3.4.3.0 iFix 1 allows remote attackers to read arbitrary files via a crafted URL.

7.5CVSS7.2AI score0.00221EPSS

CVE•added 2021/08/30 5:15 p.m.•30 views

CVE-2021-29722

7.5CVSS7.2AI score0.00142EPSS