Ibm Sterling External Authentication Server — known CVE vulnerabilities
Every CVE whose affected-product data names Ibm Sterling External Authentication Server, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (11)
CVE-2020-4462 — CVSS 8.2 (high): IBM Sterling External Authentication Server 6.0.1, 6.0.0, 2.4.3.2, and 2.4.2 and IBM Sterling Secure Proxy 6.0.1, 6.0.0, 3.4.3, and 3.4.2…
CVE-2013-0517 — CVSS 7.8 (high): A Command Execution Vulnerability exists in IBM Sterling External Authentication Server 2.2.0, 2.3.01, 2.4.0, and 2.4.1 via an unspecified…
CVE-2021-29722 — CVSS 7.5 (high): IBM Sterling Secure Proxy 6.0.1, 6.0.2, 2.4.3.2, and 3.4.3.2 uses weaker than expected cryptographic algorithms that could allow an…
CVE-2021-29723 — CVSS 7.5 (high): IBM Sterling Secure Proxy 6.0.1, 6.0.2, 2.4.3.2, and 3.4.3.2 uses weaker than expected cryptographic algorithms that could allow an…
CVE-2022-22336 — CVSS 7.5 (high): IBM Sterling External Authentication Server and IBM Sterling Secure Proxy 6.0.3.0, 6.0.2.0, and 3.4.3.2 could allow a remote user to…
CVE-2022-22333 — CVSS 6.5 (medium): IBM Sterling Secure Proxy 6.0.3.0, 6.0.2.0, and 3.4.3.2 and IBM Sterling External Authentication Server are vulnerable a buffer overflow…
CVE-2023-29261 — CVSS 5.1 (medium): IBM Sterling Secure Proxy 6.0.3 and 6.1.0 could allow a local user with specific information about the system to obtain privileged…
CVE-2023-32338 — CVSS 5.1 (medium): IBM Sterling Secure Proxy and IBM Sterling External Authentication Server 6.0.3 and 6.1.0 stores user credentials in plain clear text which…
CVE-2021-29728 — CVSS 4.9 (medium): IBM Sterling Secure Proxy 6.0.1, 6.0.2, 2.4.3.2, and 3.4.3.2 contains hard-coded credentials, such as a password or cryptographic key…
CVE-2022-22349 — CVSS 4.3 (medium): IBM Sterling External Authentication Server 3.4.3.2, 6.0.2.0, and 6.0.3.0 is vulnerable to path traversals, due to not properly validating…
CVE-2022-35720 — CVSS 2.3 (low): IBM Sterling External Authentication Server 6.1.0 and IBM Sterling Secure Proxy 6.0.3 uses weaker than expected cryptographic algorithms…