CVE-2013-0518Improper Input Validation in IBM Sterling Secure Proxy

CWE-20Improper Input Validation3 documents3 sources
Severity
4.3MEDIUMNVD
EPSS
0.2%
top 58.51%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
IBM Sterling Secure Proxy
Timeline
PublishedMay 10
Latest updateMay 5

Description

IBM Sterling Secure Proxy 3.2.0 and 3.3.01 before 3.3.01.23 Interim Fix 1, 3.4.0 before 3.4.0.6 Interim Fix 1, and 3.4.1 before 3.4.1.7 does not refuse to be rendered in different-origin frames, which makes it easier for remote attackers to conduct clickjacking attacks via a crafted web site.

CVSS vector

AV:N/AC:M/C:N/I:P/A:NExploitability: 8.6 | Impact: 2.9

Affected Packages1 packages

NVDibm/sterling_secure_proxy7 versions+6

🔴Vulnerability Details

2
GHSA
GHSA-gp4w-9q3v-7wvx: IBM Sterling Secure Proxy 32022-05-05
CVEList
CVE-2013-0518: IBM Sterling Secure Proxy 32013-05-10
CVE-2013-0518 — Improper Input Validation in IBM | cvebase