IBM Sterling External Authentication Server 3.4.3.2

CPE Details

IBM Sterling External Authentication Server 3.4.3.2
ibm
sterling_external_authentication_server
3.4.3.2
2022-03-01
16h30 +00:00
2022-03-01
18h52 +00:00
CPE NVD
Alerte pour un CPE
Restez informé de toutes modifications pour un CPE spécifique.
Gestion des notifications

CPE Name: cpe:2.3:a:ibm:sterling_external_authentication_server:3.4.3.2:*:*:*:*:*:*:*

Informations

Vendor

ibm

Product

sterling_external_authentication_server

Version

3.4.3.2

Related CVE

Open and find in CVE List

CVE ID Publié Description Score Gravité
CVE-2022-22349 2022-02-24 17h10 +00:00 IBM Sterling External Authentication Server 3.4.3.2, 6.0.2.0, and 6.0.3.0 is vulnerable to path traversals, due to not properly validating RESTAPI configuration data. An authorized user could import invalid data which could be used for an attack. IBM X-Force ID: 220144.
4.3
Moyen
CVE-2022-22336 2022-02-23 19h45 +00:00 IBM Sterling External Authentication Server and IBM Sterling Secure Proxy 6.0.3.0, 6.0.2.0, and 3.4.3.2 could allow a remote user to consume resources causing a denial of service due to a resource leak. IBM X-Force ID: 219395.
7.5
Haute
CVE-2022-22333 2022-02-23 19h45 +00:00 IBM Sterling Secure Proxy 6.0.3.0, 6.0.2.0, and 3.4.3.2 and IBM Sterling External Authentication Server are vulnerable a buffer overflow, due to the Jetty based GUI in the Secure Zone not properly validating the sizes of the form content and/or HTTP headers submitted. A local attacker positioned inside the Secure Zone could submit a specially crafted HTTP request to disrupt service. IBM X-Force ID: 219133.
6.5
Moyen