3 results (0.008 seconds)

CVSS: 5.5EPSS: 0%CPEs: 2EXPL: 0

CVE-2023-29261 – IBM Sterling Secure Proxy information disclosure

https://notcve.org/view.php?id=CVE-2023-29261

IBM Sterling Secure Proxy 6.0.3 and 6.1.0 could allow a local user with specific information about the system to obtain privileged information due to inadequate memory clearing during operations. IBM X-Force ID: 252139. IBM Sterling Secure Proxy v6.0.3 y v6.1.0 podrían permitir a un usuario local con información específica sobre el sistema obtener información privilegiada debido a una limpieza inadecuada de la memoria durante las operaciones. ID de IBM X-Force: 252139. • https://exchange.xforce.ibmcloud.com/vulnerabilities/252139 https://https://www.ibm.com/support/pages/node/7029765 https://www.ibm.com/support/pages/node/7029765 • CWE-922: Insecure Storage of Sensitive Information •

CVSS: 5.5EPSS: 0%CPEs: 4EXPL: 0

CVE-2023-32338 – IBM Sterling Secure Proxy information disclosure

https://notcve.org/view.php?id=CVE-2023-32338

IBM Sterling Secure Proxy and IBM Sterling External Authentication Server 6.0.3 and 6.1.0 stores user credentials in plain clear text which can be read by a local user with container access. IBM X-Force ID: 255585. IBM Sterling Secure Proxy e IBM Sterling External Authentication Server v6.0.3 y v6.1.0 almacenan credenciales de usuario en texto claro que puede leer un usuario local con acceso al contenedor. IBM X-Force ID: 255585. • https://exchange.xforce.ibmcloud.com/vulnerabilities/255585 https://https://www.ibm.com/support/pages/node/7029765 https://www.ibm.com/support/pages/node/7029765 https://www.ibm.com/support/pages/node/7029766 • CWE-522: Insufficiently Protected Credentials •

CVSS: 5.5EPSS: 0%CPEs: 6EXPL: 0

CVE-2022-35720 – IBM Sterling External Authentication Server information disclosure

https://notcve.org/view.php?id=CVE-2022-35720

IBM Sterling External Authentication Server 6.1.0 and IBM Sterling Secure Proxy 6.0.3 uses weaker than expected cryptographic algorithms during installation that could allow a local attacker to decrypt sensitive information. IBM X-Force ID: 231373. • https://www.ibm.com/support/pages/node/6890663 https://www.ibm.com/support/pages/node/6890669 • CWE-327: Use of a Broken or Risky Cryptographic Algorithm •