CVE-2013-0519 โ€” Sensitive Information Exposure in IBM Sterling Secure Proxy

CWE-200 โ€” Sensitive Information Exposure4 documents4 sources
Severity
5.0MEDIUMNVD
EPSS
0.2%
top 56.85%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
IBM Sterling Secure Proxy
Timeline
PublishedMay 10
Latest updateMay 5

Description

IBM Sterling Secure Proxy 3.2.0 and 3.3.01 before 3.3.01.23 Interim Fix 1, 3.4.0 before 3.4.0.6 Interim Fix 1, and 3.4.1 before 3.4.1.7 provides web-server version data in (1) an unspecified page title and (2) an unspecified HTTP header field, which allows remote attackers to obtain potentially sensitive information by reading a version string.

CVSS vector

AV:N/AC:L/C:P/I:N/A:NExploitability: 10.0 | Impact: 2.9

Affected Packages1 packages

โ–ถNVDibm/sterling_secure_proxy7 versions+6

๐Ÿ”ดVulnerability Details

2
GHSA
GHSA-x2c5-cm4v-4x63: IBM Sterling Secure Proxy 3โ†—2022-05-05
โ–ถ
CVEList
CVE-2013-0519: IBM Sterling Secure Proxy 3โ†—2013-05-10
โ–ถ

๐Ÿ“‹Vendor Advisories

1
Red Hat
pam_ssh_agent_auth: symbol crash leading to glibc error() called incorrectlyโ†—2013-02-21
โ–ถ
CVE-2013-0519 โ€” Sensitive Information Exposure in IBM | cvebase