IBM Sterling Secure Proxy 6.0.3.0

CPE Details

IBM Sterling Secure Proxy 6.0.3.0
ibm
sterling_secure_proxy
6.0.3.0
2022-03-01
16h30 +00:00
2022-03-01
18h52 +00:00
CPE NVD
Alerte pour un CPE
Restez informé de toutes modifications pour un CPE spécifique.
Gestion des notifications

CPE Name: cpe:2.3:a:ibm:sterling_secure_proxy:6.0.3.0:*:*:*:*:*:*:*

Informations

Vendor

ibm

Product

sterling_secure_proxy

Version

6.0.3.0

Related CVE

Open and find in CVE List

CVE ID Publié Description Score Gravité
CVE-2024-41784 2024-11-15 15h40 +00:00 IBM Sterling Secure Proxy 6.0.0.0, 6.0.0.1, 6.0.0.2, 6.0.0.3, and 6.1.0.0 could allow a remote attacker to traverse directories on the system. An attacker could send a specially crafted URL request containing "dot dot dot" sequences (/.../) to view arbitrary files on the system.
7.5
Haute
CVE-2022-22336 2022-02-23 19h45 +00:00 IBM Sterling External Authentication Server and IBM Sterling Secure Proxy 6.0.3.0, 6.0.2.0, and 3.4.3.2 could allow a remote user to consume resources causing a denial of service due to a resource leak. IBM X-Force ID: 219395.
7.5
Haute
CVE-2022-22333 2022-02-23 19h45 +00:00 IBM Sterling Secure Proxy 6.0.3.0, 6.0.2.0, and 3.4.3.2 and IBM Sterling External Authentication Server are vulnerable a buffer overflow, due to the Jetty based GUI in the Secure Zone not properly validating the sizes of the form content and/or HTTP headers submitted. A local attacker positioned inside the Secure Zone could submit a specially crafted HTTP request to disrupt service. IBM X-Force ID: 219133.
6.5
Moyen