Vulnerabilities > IBM > Sterling Secure Proxy > 6.0.3.0

DATE CVE VULNERABILITY TITLE RISK
2024-11-15 CVE-2024-41784 Path Traversal vulnerability in IBM Sterling Secure Proxy
IBM Sterling Secure Proxy 6.0.0.0, 6.0.0.1, 6.0.0.2, 6.0.0.3, and 6.1.0.0 could allow a remote attacker to traverse directories on the system.
network
low complexity
ibm CWE-22
7.5
7.5
2022-02-23 CVE-2022-22333 Classic Buffer Overflow vulnerability in IBM products
IBM Sterling Secure Proxy 6.0.3.0, 6.0.2.0, and 3.4.3.2 and IBM Sterling External Authentication Server are vulnerable a buffer overflow, due to the Jetty based GUI in the Secure Zone not properly validating the sizes of the form content and/or HTTP headers submitted.
low complexity
ibm CWE-120
6.5
6.5
2022-02-23 CVE-2022-22336 Memory Leak vulnerability in IBM products
IBM Sterling External Authentication Server and IBM Sterling Secure Proxy 6.0.3.0, 6.0.2.0, and 3.4.3.2 could allow a remote user to consume resources causing a denial of service due to a resource leak.
network
low complexity
ibm CWE-401
7.5
7.5