Skip to main content

Secure External Authentication Server

2 CVEs product

Monthly

CVE-2021-29749 MEDIUM PATCH This Month

IBM Secure External Authentication Server 6.0.2 and IBM Secure Proxy 6.0.2 is vulnerable to server-side request forgery (SSRF). Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity.

IBM SSRF Secure External Authentication Server Sterling Secure Proxy
NVD
CVSS 3.1
5.4
EPSS
0.8%
CVE-2021-29725 HIGH PATCH This Week

IBM Secure External Authentication Server 2.4.3.2, 6.0.1, 6.0.2 and IBM Secure Proxy 3.4.3.2, 6.0.1, 6.0.2 could allow a remote user to consume resources causing a denial of service due to a resource. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Allocation of Resources Without Limits vulnerability could allow attackers to exhaust system resources through uncontrolled allocation.

IBM Denial Of Service Secure External Authentication Server Sterling Secure Proxy
NVD
CVSS 3.1
7.5
EPSS
2.9%
EPSS 1% CVSS 5.4
MEDIUM PATCH This Month

IBM Secure External Authentication Server 6.0.2 and IBM Secure Proxy 6.0.2 is vulnerable to server-side request forgery (SSRF). Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity.

IBM SSRF Secure External Authentication Server +1
NVD
EPSS 3% CVSS 7.5
HIGH PATCH This Week

IBM Secure External Authentication Server 2.4.3.2, 6.0.1, 6.0.2 and IBM Secure Proxy 3.4.3.2, 6.0.1, 6.0.2 could allow a remote user to consume resources causing a denial of service due to a resource. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Allocation of Resources Without Limits vulnerability could allow attackers to exhaust system resources through uncontrolled allocation.

IBM Denial Of Service Secure External Authentication Server +1
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy