NotCVE - vendor:"Ibm" product:"Sterling Secure Proxy" version:"3.3.0.1"

3 results (0.003 seconds)

CVSS: 5.3EPSS: 0%CPEs: 7EXPL: 0

CVE-2013-0519

https://notcve.org/view.php?id=CVE-2013-0519

10 May 2013 — IBM Sterling Secure Proxy 3.2.0 and 3.3.01 before 3.3.01.23 Interim Fix 1, 3.4.0 before 3.4.0.6 Interim Fix 1, and 3.4.1 before 3.4.1.7 provides web-server version data in (1) an unspecified page title and (2) an unspecified HTTP header field, which allows remote attackers to obtain potentially sensitive information by reading a version string. IBM Sterling Secure Proxy v3.2.0 y v3.3.01 anterior a v3.3.01.23 Interim Fix 1, v3.4.0 anterior a v3.4.0.6 Interim Fix 1, y v3.4.1 anterior a v3.4.1.7 proporciona da... • http://www-01.ibm.com/support/docview.wss?uid=swg21636369 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •

CVSS: 5.4EPSS: 0%CPEs: 7EXPL: 0

CVE-2013-0518

https://notcve.org/view.php?id=CVE-2013-0518

10 May 2013 — IBM Sterling Secure Proxy 3.2.0 and 3.3.01 before 3.3.01.23 Interim Fix 1, 3.4.0 before 3.4.0.6 Interim Fix 1, and 3.4.1 before 3.4.1.7 does not refuse to be rendered in different-origin frames, which makes it easier for remote attackers to conduct clickjacking attacks via a crafted web site. IBM Sterling Secure Proxy v3.2.0 y v3.3.01 anterior a v3.3.01.23 Interim Fix 1, v3.4.0 anterior a v3.4.0.6 Interim Fix 1, y v3.4.1 anterior a v3.4.1.7 no rechaza ser mostrada en marcos de diferentes orígenes, lo que ha... • http://www-01.ibm.com/support/docview.wss?uid=swg21636369 • CWE-20: Improper Input Validation •

CVSS: 4.3EPSS: 0%CPEs: 7EXPL: 0

CVE-2013-0520

https://notcve.org/view.php?id=CVE-2013-0520

10 May 2013 — IBM Sterling Secure Proxy 3.2.0 and 3.3.01 before 3.3.01.23 Interim Fix 1, 3.4.0 before 3.4.0.6 Interim Fix 1, and 3.4.1 before 3.4.1.7 allows remote authenticated users to obtain sensitive Java stack-trace information by providing invalid input data. IBM Sterling Secure Proxy v3.2.0 y v3.3.01 anterior a v3.3.01.23 Interim Fix 1, v3.4.0 anterior a v3.4.0.6 Interim Fix 1, y v3.4.1 anterior a v3.4.1.7 permite a atacantes remotos autenticados obtener información sensible de la pila de Java ("Java stack-trace")... • http://www-01.ibm.com/support/docview.wss?uid=swg21636369 • CWE-20: Improper Input Validation •