Vulnerabilities > IBM > Sterling External Authentication Server > 6.0.1.0
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2021-08-30 | CVE-2021-29722 | Use of a Broken or Risky Cryptographic Algorithm vulnerability in IBM products IBM Sterling Secure Proxy 6.0.1, 6.0.2, 2.4.3.2, and 3.4.3.2 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. | 7.5 |
2021-08-30 | CVE-2021-29723 | Use of a Broken or Risky Cryptographic Algorithm vulnerability in IBM products IBM Sterling Secure Proxy 6.0.1, 6.0.2, 2.4.3.2, and 3.4.3.2 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. | 7.5 |
2021-08-30 | CVE-2021-29728 | Use of Hard-coded Credentials vulnerability in IBM products IBM Sterling Secure Proxy 6.0.1, 6.0.2, 2.4.3.2, and 3.4.3.2 contains hard-coded credentials, such as a password or cryptographic key, which it uses for its own inbound authentication, outbound communication to external components, or encryption of internal data. | 4.9 |
2020-07-16 | CVE-2020-4462 | XXE vulnerability in IBM products IBM Sterling External Authentication Server 6.0.1, 6.0.0, 2.4.3.2, and 2.4.2 and IBM Sterling Secure Proxy 6.0.1, 6.0.0, 3.4.3, and 3.4.2 are vulnerable to an XML External Entity Injection (XXE) attack when processing XML data. | 8.2 |