Ibm

Sterling Secure Proxy

31 vulnerabilities found.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
7.5

CVE-2024-51453

  • EPSS 0.08%
  • Published 28.05.2025 15:22:39
  • Last modified 09.06.2025 18:58:08

IBM Sterling Secure Proxy 6.2.0.0 through 6.2.0.1 could allow a remote attacker to traverse directories on the system. An attacker could send a specially crafted URL request containing "dot dot" sequences (/../) to view arbitrary files on the system.

7.5

CVE-2024-38341

  • EPSS 0.02%
  • Published 28.05.2025 15:21:00
  • Last modified 09.06.2025 18:57:54

IBM Sterling Secure Proxy 6.0.0.0 through 6.0.3.1, 6.1.0.0 through 6.1.0.0, and 6.2.0.0 through 6.2.0.1 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information.

9.1

CVE-2024-41783

  • EPSS 0.24%
  • Published 19.01.2025 15:15:21
  • Last modified 25.07.2025 20:38:34

IBM Sterling Secure Proxy 6.0.0.0, 6.0.0.1, 6.0.0.2, 6.0.0.3, 6.1.0.0, and 6.2.0.0 could allow a privileged user to inject commands into the underlying operating system due to improper validation of a specified type of input.

9.1

CVE-2024-38337

  • EPSS 0.13%
  • Published 19.01.2025 15:15:19
  • Last modified 25.07.2025 20:38:37

IBM Sterling Secure Proxy 6.0.0.0, 6.0.0.1, 6.0.0.2, 6.0.0.3, 6.1.0.0, and 6.2.0.0 could allow an unauthorized attacker to retrieve or alter sensitive information contents due to incorrect permission assignments.

7.5

CVE-2024-41784

  • EPSS 0.13%
  • Published 15.11.2024 16:15:34
  • Last modified 20.11.2024 14:35:10

IBM Sterling Secure Proxy 6.0.0.0, 6.0.0.1, 6.0.0.2, 6.0.0.3, and 6.1.0.0 could allow a remote attacker to traverse directories on the system. An attacker could send a specially crafted URL request containing "dot dot dot" sequences (/.../) to view a...

6.1

CVE-2023-47699

  • EPSS 0.15%
  • Published 15.03.2024 16:15:08
  • Last modified 21.11.2024 08:30:41

IBM Sterling Secure Proxy 6.0.3 and 6.1.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure w...

5.3

CVE-2023-47147

  • EPSS 0.05%
  • Published 15.03.2024 16:15:08
  • Last modified 21.11.2024 08:29:51

IBM Sterling Secure Proxy 6.0.3 and 6.1.0 could allow an attacker to overwrite a log message under specific conditions. IBM X-Force ID: 270598.

3.3

CVE-2023-46181

  • EPSS 0.03%
  • Published 15.03.2024 16:15:07
  • Last modified 21.11.2024 08:28:01

IBM Sterling Secure Proxy 6.0.3 and 6.1.0 allows web pages to be stored locally which can be read by another user on the system. IBM X-Force ID: 269686.

6.1

CVE-2023-47162

  • EPSS 0.15%
  • Published 15.03.2024 15:15:07
  • Last modified 21.11.2024 08:29:52

IBM Sterling Secure Proxy 6.0.3 and 6.1.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure w...

5.4

CVE-2023-46182

  • EPSS 0.14%
  • Published 15.03.2024 15:15:07
  • Last modified 21.11.2024 08:28:01

IBM Sterling Secure Proxy 6.0.3 and 6.1.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure w...