IBM Sterling Secure Proxy 6.0-6.2 Weak Crypto Decryption Vulnerability
CVE-2024-38341 Published on May 28, 2025
IBM Sterling Secure Proxy information disclosure
IBM Sterling Secure Proxy 6.0.0.0 through 6.0.3.1, 6.1.0.0 through 6.1.0.0, and 6.2.0.0 through 6.2.0.1 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information.
Vulnerability Analysis
CVE-2024-38341 can be exploited with network access, and does not require authorization privileges or user interaction. This vulnerability is consided to have a high level of attack complexity. The potential impact of an exploit of this vulnerability is considered to have a high impact on confidentiality, with no impact on integrity and availability.
Weakness Type
Reversible One-Way Hash
The product uses a hashing algorithm that produces a hash value that can be used to determine the original input, or to find an input that can produce the same hash, more efficiently than brute force techniques. This weakness is especially dangerous when the hash is used in security algorithms that require the one-way property to hold. For example, if an authentication system takes an incoming password and generates a hash, then compares the hash to another hash that it has stored in its authentication database, then the ability to create a collision could allow an attacker to provide an alternate password that produces the same target hash, bypassing authentication.
Products Associated with CVE-2024-38341
Want to know whenever a new CVE is published for IBM Sterling Secure Proxy? stack.watch will email you.
Affected Versions
IBM Sterling Secure Proxy:- Version 6.0.0.0, <= 6.0.3.1 is affected.
- Version 6.1.0.0, <= 6.1.0.1 is affected.
- Version 6.2.0.0, <= 6.2.0.1 is affected.
Exploit Probability
EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.