Vulnerabilities > IBM > Sterling External Authentication Server > 6.1.0

DATE CVE VULNERABILITY TITLE RISK
2023-09-05 CVE-2023-29261 Insecure Storage of Sensitive Information vulnerability in IBM Sterling External Authentication Server 6.0.3.0/6.1.0
IBM Sterling Secure Proxy 6.0.3 and 6.1.0 could allow a local user with specific information about the system to obtain privileged information due to inadequate memory clearing during operations.
local
low complexity
ibm CWE-922
5.5
2023-09-05 CVE-2023-32338 Insufficiently Protected Credentials vulnerability in IBM products
IBM Sterling Secure Proxy and IBM Sterling External Authentication Server 6.0.3 and 6.1.0 stores user credentials in plain clear text which can be read by a local user with container access.
local
low complexity
ibm CWE-522
5.5
2023-02-08 CVE-2022-35720 Unspecified vulnerability in IBM products
IBM Sterling External Authentication Server 6.1.0 and IBM Sterling Secure Proxy 6.0.3 uses weaker than expected cryptographic algorithms during installation that could allow a local attacker to decrypt sensitive information.
local
low complexity
ibm
5.5