Ibm Sterling Control Center — known CVE vulnerabilities
Every CVE whose affected-product data names Ibm Sterling Control Center, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (8)
CVE-2013-2968 — CVSS 6.3 (medium): An unspecified buffer-read method in IBM Sterling Control Center (SCC) 5.2 before 5.2.0.9, 5.3 before 5.3.0.4, and 5.4 through 5.4.0.1…
CVE-2023-35020 — CVSS 5.4 (medium): IBM Sterling Control Center 6.3.0 could allow a remote attacker to traverse directories on the system. An attacker could send a specially…
CVE-2023-35894 — CVSS 5.4 (medium): IBM Control Center 6.2.1 through 6.3.1 is vulnerable to HTTP header injection, caused by improper validation of input by the HOST headers…
CVE-2023-42007 — CVSS 5.4 (medium): IBM Sterling Control Center 6.2.1, 6.3.1, and 6.4.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed…
CVE-2016-0252 — CVSS 5.1 (medium): IBM Control Center 6.x before 6.0.0.1 iFix06 and Sterling Control Center 5.4.x before 5.4.2.1 iFix09 allow local users to decrypt the…
CVE-2023-43035 — CVSS 4.0 (medium): IBM Sterling Control Center 6.2.1, 6.3.1, and 6.4.0 allows web pages to be stored locally which can be read by another user on the system.
CVE-2013-2969 — CVSS 3.5 (low): Cross-site scripting (XSS) vulnerability in IBM Sterling Control Center (SCC) 5.2 before 5.2.0.9, 5.3 before 5.3.0.4, and 5.4 through…
CVE-2014-0925 — CVSS 3.5 (low): Open redirect vulnerability in IBM Sterling Control Center 5.4.0 before 5.4.0.1 iFix 3 and 5.4.1 before 5.4.1.0 iFix 2 allows remote…