9.1
CVE-2024-38337
- EPSS 0.11%
- Veröffentlicht 19.01.2025 15:15:19
- Zuletzt bearbeitet 25.07.2025 20:38:37
- Quelle psirt@us.ibm.com
- CVE-Watchlists
- Unerledigt
IBM Sterling Secure Proxy improper input validation
IBM Sterling Secure Proxy 6.0.0.0, 6.0.0.1, 6.0.0.2, 6.0.0.3, 6.1.0.0, and 6.2.0.0 could allow an unauthorized attacker to retrieve or alter sensitive information contents due to incorrect permission assignments.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Ibm ≫ Sterling Secure Proxy Version >= 6.0.0.0 < 6.0.3.1
Ibm ≫ Aix Version-
Ibm ≫ Linux On Ibm Z Version-
Linux ≫ Linux Kernel Version-
Microsoft ≫ Windows Version-
Ibm ≫ Linux On Ibm Z Version-
Linux ≫ Linux Kernel Version-
Microsoft ≫ Windows Version-
Ibm ≫ Sterling Secure Proxy Version6.1.0.0
Ibm ≫ Aix Version-
Ibm ≫ Linux On Ibm Z Version-
Linux ≫ Linux Kernel Version-
Microsoft ≫ Windows Version-
Ibm ≫ Linux On Ibm Z Version-
Linux ≫ Linux Kernel Version-
Microsoft ≫ Windows Version-
Ibm ≫ Sterling Secure Proxy Version6.2.0.0
Ibm ≫ Aix Version-
Ibm ≫ Linux On Ibm Z Version-
Linux ≫ Linux Kernel Version-
Microsoft ≫ Windows Version-
Ibm ≫ Linux On Ibm Z Version-
Linux ≫ Linux Kernel Version-
Microsoft ≫ Windows Version-
VulnDex Vulnerability Enrichment
Diese Information steht angemeldeten Benutzern zur Verfügung. 
Login
Login| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.11% | 0.29 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| psirt@us.ibm.com | 9.1 | 3.9 | 5.2 |
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
|
CWE-732 Incorrect Permission Assignment for Critical Resource
The product specifies permissions for a security-critical resource in a way that allows that resource to be read or modified by unintended actors.