CVSS: 4.3EPSS: 0%CPEs: 1EXPL: 0CVE-2024-51453 – IBM Sterling Secure Proxy directory traversal
https://notcve.org/view.php?id=CVE-2024-51453
28 May 2025 — IBM Sterling Secure Proxy 6.2.0.0 through 6.2.0.1 could allow a remote attacker to traverse directories on the system. An attacker could send a specially crafted URL request containing "dot dot" sequences (/../) to view arbitrary files on the system. • https://www.ibm.com/support/pages/node/7234887 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVSS: 5.9EPSS: 0%CPEs: 3EXPL: 0CVE-2024-38341 – IBM Sterling Secure Proxy information disclosure
https://notcve.org/view.php?id=CVE-2024-38341
28 May 2025 — IBM Sterling Secure Proxy 6.0.0.0 through 6.0.3.1, 6.1.0.0 through 6.1.0.0, and 6.2.0.0 through 6.2.0.1 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. • https://www.ibm.com/support/pages/node/7234888 • CWE-328: Use of Weak Hash •