IBM Sterling External Authentication Server
By the Year
In 2026 there have been 0 vulnerabilities in IBM Sterling External Authentication Server. Sterling External Authentication Server did not have any published security vulnerabilities last year.
| Year | Vulnerabilities | Average Score |
|---|---|---|
| 2026 | 0 | 0.00 |
| 2025 | 0 | 0.00 |
| 2024 | 0 | 0.00 |
| 2023 | 3 | 5.50 |
| 2022 | 3 | 6.10 |
| 2021 | 0 | 0.00 |
| 2020 | 1 | 0.00 |
It may take a day or so for new Sterling External Authentication Server vulnerabilities to show up in the stats or in the list of recent security vulnerabilities. Additionally, vulnerabilities may be tagged under a different product or component name.
Recent IBM Sterling External Authentication Server Security Vulnerabilities
IBM Sterling Secure Proxy 6.0.3/6.1.0 memory clear flaw
CVE-2023-29261
5.5 - Medium
- September 05, 2023
IBM Sterling Secure Proxy 6.0.3 and 6.1.0 could allow a local user with specific information about the system to obtain privileged information due to inadequate memory clearing during operations. IBM X-Force ID: 252139.
Insecure Storage of Sensitive Information
IBM Sterling Secure Proxy 6.0.3/6.1.0 Credential Exposure
CVE-2023-32338
5.5 - Medium
- September 05, 2023
IBM Sterling Secure Proxy and IBM Sterling External Authentication Server 6.0.3 and 6.1.0 store user credentials in plain clear text, which can be read by a local user with container access. IBM X-Force ID: 255585.
Insufficiently Protected Credentials
Weak crypto in IBM Sterling External Authentication Server 6.1.0 & Secure Proxy 6.0.3
CVE-2022-35720
5.5 - Medium
- February 08, 2023
IBM Sterling External Authentication Server 6.1.0 and IBM Sterling Secure Proxy 6.0.3 use weaker-than-expected cryptographic algorithms during installation that could allow a local attacker to decrypt sensitive information. IBM X-Force ID: 231373.
Use of a Broken or Risky Cryptographic Algorithm
IBM Sterling External Authentication Server 3.4.3.2
CVE-2022-22349
4.3 - Medium
- February 24, 2022
IBM Sterling External Authentication Server 3.4.3.2, 6.0.2.0, and 6.0.3.0 are vulnerable to path traversal because REST API configuration data is not properly validated. An authorized user could import invalid data which could be used for an attack. IBM X-Force ID: 220144.
Directory traversal
IBM Sterling External Authentication Server and IBM Sterling Secure Proxy 6.0.3.0, 6.0.2.0, and 3.4.3.2 could
CVE-2022-22336
7.5 - High
- February 23, 2022
IBM Sterling External Authentication Server and IBM Sterling Secure Proxy 6.0.3.0, 6.0.2.0, and 3.4.3.2 could allow a remote user to consume resources causing a denial of service due to a resource leak. IBM X-Force ID: 219395.
Memory Leak
IBM Sterling Secure Proxy 6.0.3.0
CVE-2022-22333
6.5 - Medium
- February 23, 2022
IBM Sterling Secure Proxy 6.0.3.0, 6.0.2.0, and 3.4.3.2 and IBM Sterling External Authentication Server are vulnerable to a buffer overflow, due to the Jetty-based GUI in the Secure Zone not properly validating the sizes of the form content and/or HTTP headers submitted. A local attacker positioned inside the Secure Zone could submit a specially crafted HTTP request to disrupt service. IBM X-Force ID: 219133.
Classic Buffer Overflow
A Command Execution Vulnerability exists in IBM Sterling External Authentication Server 2.2.0, 2.3.01, 2.4.0, and 2.4.1
CVE-2013-0517
- February 11, 2020
A Command Execution Vulnerability exists in IBM Sterling External Authentication Server 2.2.0, 2.3.01, 2.4.0, and 2.4.1 via an unspecified OS command, which could let a local malicious user execute arbitrary code.