CVSS: 6.5EPSS: 0%CPEs: 2EXPL: 0CVE-2021-29749
https://notcve.org/view.php?id=CVE-2021-29749
IBM Secure External Authentication Server 6.0.2 and IBM Secure Proxy 6.0.2 is vulnerable to server-side request forgery (SSRF). This may allow an authenticated attacker to send unauthorized requests from the system, potentially leading to network enumeration or facilitating other attacks. IBM X-Force ID: 201777. IBM Secure External Authentication Server versión 6.0.2 e IBM Secure Proxy versión 6.0.2 son vulnerables a un ataque de tipo server-side request forgery (SSRF). Esto puede permitir a un atacante autenticado enviar peticiones no autorizadas desde el sistema, conllevando potencialmente a la enumeración de la red o facilitar otros ataques. • https://exchange.xforce.ibmcloud.com/vulnerabilities/201777 https://www.ibm.com/support/pages/node/6471621 https://www.ibm.com/support/pages/node/6471623 • CWE-918: Server-Side Request Forgery (SSRF) •
CVSS: 7.5EPSS: 0%CPEs: 10EXPL: 0CVE-2021-29725
https://notcve.org/view.php?id=CVE-2021-29725
IBM Secure External Authentication Server 2.4.3.2, 6.0.1, 6.0.2 and IBM Secure Proxy 3.4.3.2, 6.0.1, 6.0.2 could allow a remote user to consume resources causing a denial of service due to a resource leak. IBM Secure External Authentication Server versiones 2.4.3.2, 6.0.1, 6.0.2 e IBM Secure Proxy versiones 3.4.3.2, 6.0.1, 6.0.2, podrían permitir a un usuario remoto consumir recursos causando una denegación de servicio debido a una fuga de recursos • https://exchange.xforce.ibmcloud.com/vulnerabilities/201102 https://www.ibm.com/support/pages/node/6471577 https://www.ibm.com/support/pages/node/6471615 • CWE-770: Allocation of Resources Without Limits or Throttling •