cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2022-35720,https://securityvulnerability.io/vulnerability/CVE-2022-35720,IBM Sterling External Authentication Server information disclosure,IBM Sterling External Authentication Server 6.1.0 and IBM Sterling Secure Proxy 6.0.3 uses weaker than expected cryptographic algorithms during installation that could allow a local attacker to decrypt sensitive information. IBM X-Force ID: 231373.,IBM,"Sterling External Authentication Server,Sterling Secure Proxy",2.3,LOW,0.0004199999966658652,false,,false,false,false,,,false,false,,2023-02-08T18:24:03.263Z,0
CVE-2021-29726,https://securityvulnerability.io/vulnerability/CVE-2021-29726,Certificate Validation Flaw in IBM Sterling Secure Proxy and Secure External Authentication Server,"IBM Sterling Secure Proxy and IBM Secure External Authentication Server versions 6.0.3 exhibit a critical flaw where the system does not adequately validate that a certificate is linked to the corresponding host. This improper certificate validation can potentially allow unauthorized access or mislead the system into trusting invalid certificates, posing a significant security risk. Users are advised to apply patches and monitor their systems to mitigate any possible exploitation.",IBM,"Secure External Authentication Server,Sterling Secure Proxy",5.3,MEDIUM,0.0011899999808520079,false,,false,false,false,,,false,false,,2022-05-17T17:15:00.000Z,0
CVE-2022-22349,https://securityvulnerability.io/vulnerability/CVE-2022-22349,Path Traversal Vulnerability in IBM Sterling External Authentication Server,"The IBM Sterling External Authentication Server suffers from a path traversal vulnerability due to insufficient validation of RESTAPI configuration data. This weakness may allow an authorized user to exploit the system by importing invalid data, potentially leading to unauthorized access and manipulation of sensitive files on the server.",IBM,Sterling External Authentication Server,4.3,MEDIUM,0.0005000000237487257,false,,false,false,false,,,false,false,,2022-02-24T17:15:00.000Z,0
CVE-2020-4462,https://securityvulnerability.io/vulnerability/CVE-2020-4462,,"IBM Sterling External Authentication Server 6.0.1, 6.0.0, 2.4.3.2, and 2.4.2 and IBM Sterling Secure Proxy 6.0.1, 6.0.0, 3.4.3, and 3.4.2 are vulnerable to an XML External Entity Injection (XXE) attack when processing XML data. A remote attacker could exploit this vulnerability to expose sensitive information or consume memory resources. IBM X-Force ID: 181482.",IBM,"Sterling Secure Proxy,External Authentication Server,Sterling External Authentication Server",8.2,HIGH,0.0030400000978261232,false,,false,false,false,,,false,false,,2020-07-16T15:15:00.000Z,0
CVE-2013-0517,https://securityvulnerability.io/vulnerability/CVE-2013-0517,,"A Command Execution Vulnerability exists in IBM Sterling External Authentication Server 2.2.0, 2.3.01, 2.4.0, and 2.4.1 via an unspecified OS command, which could let a local malicious user execute arbitrary code.",IBM,Sterling External Authentication Server,7.8,HIGH,0.0004400000034365803,false,,false,false,false,,,false,false,,2020-02-11T17:05:59.000Z,0