IBM Sterling External Authentication Server


By the Year

In 2024 there have been 0 vulnerabilities in IBM Sterling External Authentication Server. Last year Sterling External Authentication Server had 2 security vulnerabilities published. Right now, Sterling External Authentication Server is on track to have fewer security vulnerabilities in 2024 than it did last year.

Year    Vulnerabilities    Average Score
2024    0                  0.00
2023    2                  5.50
2022    3                  6.10
2021    0                  0.00
2020    0                  0.00
2019    0                  0.00
2018    0                  0.00

It may take a day or so for new Sterling External Authentication Server vulnerabilities to show up in the stats or in the list of recent security vulnerabilities. Additionally, vulnerabilities may be tagged under a different product or component name.

Recent IBM Sterling External Authentication Server Security Vulnerabilities


CVE-2023-29261 5.5 - Medium - September 05, 2023

IBM Sterling Secure Proxy 6.0.3 and 6.1.0 could allow a local user with specific information about the system to obtain privileged information due to inadequate memory clearing during operations. IBM X-Force ID: 252139.

Insecure Storage of Sensitive Information


CVE-2023-32338 5.5 - Medium - September 05, 2023

IBM Sterling Secure Proxy and IBM Sterling External Authentication Server 6.0.3 and 6.1.0 store user credentials in plain clear text, which can be read by a local user with container access. IBM X-Force ID: 255585.

Insufficiently Protected Credentials


CVE-2022-22349 4.3 - Medium - February 24, 2022

IBM Sterling External Authentication Server 3.4.3.2, 6.0.2.0, and 6.0.3.0 is vulnerable to path traversals, due to not properly validating RESTAPI configuration data. An authorized user could import invalid data which could be used for an attack. IBM X-Force ID: 220144.

Directory traversal


CVE-2022-22336 7.5 - High - February 23, 2022

IBM Sterling External Authentication Server and IBM Sterling Secure Proxy 6.0.3.0, 6.0.2.0, and 3.4.3.2 could allow a remote user to consume resources causing a denial of service due to a resource leak. IBM X-Force ID: 219395.

Memory Leak


CVE-2022-22333 6.5 - Medium - February 23, 2022

IBM Sterling Secure Proxy 6.0.3.0, 6.0.2.0, and 3.4.3.2 and IBM Sterling External Authentication Server are vulnerable to a buffer overflow, due to the Jetty-based GUI in the Secure Zone not properly validating the sizes of the form content and/or HTTP headers submitted. A local attacker positioned inside the Secure Zone could submit a specially crafted HTTP request to disrupt service. IBM X-Force ID: 219133.

Classic Buffer Overflow
