Vulnerabilities > IBM > Sterling External Authentication Server > 6.1.0

DATE	CVE	VULNERABILITY TITLE	RISK
2023-09-05	CVE-2023-29261	Insecure Storage of Sensitive Information vulnerability in IBM Sterling External Authentication Server 6.0.3.0/6.1.0 IBM Sterling Secure Proxy 6.0.3 and 6.1.0 could allow a local user with specific information about the system to obtain privileged information due to inadequate memory clearing during operations. local low complexity ibm CWE-922	5.5
2023-09-05	CVE-2023-32338	Insufficiently Protected Credentials vulnerability in IBM products IBM Sterling Secure Proxy and IBM Sterling External Authentication Server 6.0.3 and 6.1.0 stores user credentials in plain clear text which can be read by a local user with container access. local low complexity ibm CWE-522	5.5
2023-02-08	CVE-2022-35720	Unspecified vulnerability in IBM products IBM Sterling External Authentication Server 6.1.0 and IBM Sterling Secure Proxy 6.0.3 uses weaker than expected cryptographic algorithms during installation that could allow a local attacker to decrypt sensitive information. local low complexity ibm	5.5

CVE is a registered MITRE Corporation trademark and MITRE's CVE website is the authoritative source of CVE content. CWE is a registered MITRE Corporation trademark and MITRE's CWE website is the authoritative source of CWE content.