cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2022-35720,https://securityvulnerability.io/vulnerability/CVE-2022-35720,IBM Sterling External Authentication Server information disclosure,IBM Sterling External Authentication Server 6.1.0 and IBM Sterling Secure Proxy 6.0.3 uses weaker than expected cryptographic algorithms during installation that could allow a local attacker to decrypt sensitive information. IBM X-Force ID: 231373.,IBM,"Sterling External Authentication Server,Sterling Secure Proxy",2.3,LOW,0.0004199999966658652,false,,false,false,false,,,false,false,,2023-02-08T18:24:03.263Z,0
CVE-2021-29726,https://securityvulnerability.io/vulnerability/CVE-2021-29726,Certificate Validation Flaw in IBM Sterling Secure Proxy and Secure External Authentication Server,"IBM Sterling Secure Proxy and IBM Secure External Authentication Server versions 6.0.3 exhibit a critical flaw where the system does not adequately validate that a certificate is linked to the corresponding host. This improper certificate validation can potentially allow unauthorized access or mislead the system into trusting invalid certificates, posing a significant security risk. Users are advised to apply patches and monitor their systems to mitigate any possible exploitation.",IBM,"Secure External Authentication Server,Sterling Secure Proxy",5.3,MEDIUM,0.0011899999808520079,false,,false,false,false,,,false,false,,2022-05-17T17:15:00.000Z,0
CVE-2021-29725,https://securityvulnerability.io/vulnerability/CVE-2021-29725,,"IBM Secure External Authentication Server 2.4.3.2, 6.0.1, 6.0.2 and IBM Secure Proxy 3.4.3.2, 6.0.1, 6.0.2 could allow a remote user to consume resources causing a denial of service due to a resource leak.",IBM,"Secure External Authentication Server,Secure Proxy",7.5,HIGH,0.0031399999279528856,false,,false,false,false,,,false,false,,2021-07-15T16:15:00.000Z,0
CVE-2021-29749,https://securityvulnerability.io/vulnerability/CVE-2021-29749,,"IBM Secure External Authentication Server 6.0.2 and IBM Secure Proxy 6.0.2 is vulnerable to server-side request forgery (SSRF). This may allow an authenticated attacker to send unauthorized requests from the system, potentially leading to network enumeration or facilitating other attacks. IBM X-Force ID: 201777.",IBM,"Secure Proxy,Secure External Authentication Server",6.5,MEDIUM,0.0006000000284984708,false,,false,false,false,,,false,false,,2021-07-15T16:15:00.000Z,0
CVE-2020-4462,https://securityvulnerability.io/vulnerability/CVE-2020-4462,,"IBM Sterling External Authentication Server 6.0.1, 6.0.0, 2.4.3.2, and 2.4.2 and IBM Sterling Secure Proxy 6.0.1, 6.0.0, 3.4.3, and 3.4.2 are vulnerable to an XML External Entity Injection (XXE) attack when processing XML data. A remote attacker could exploit this vulnerability to expose sensitive information or consume memory resources. IBM X-Force ID: 181482.",IBM,"Sterling Secure Proxy,External Authentication Server,Sterling External Authentication Server",8.2,HIGH,0.0030400000978261232,false,,false,false,false,,,false,false,,2020-07-16T15:15:00.000Z,0