CVE-2024-38341

CWE-328CWE-3263 documents3 sources
Severity
7.5HIGH
EPSS
0.1%
top 71.05%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
IBM Sterling Secure Proxy
Timeline
PublishedMay 28

Description

IBM Sterling Secure Proxy 6.0.0.0 through 6.0.3.1, 6.1.0.0 through 6.1.0.0, and 6.2.0.0 through 6.2.0.1 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information.

CVSS vector

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:NExploitability: 2.2 | Impact: 3.6

Affected Packages2 packages

CVEListV5ibm/sterling_secure_proxy6.0.0.06.0.3.1+2
NVDibm/sterling_secure_proxy6.0.0.06.0.3.1+2

🔴Vulnerability Details

2
GHSA
GHSA-7xpv-834v-x9rj: IBM Sterling Secure Proxy 62025-05-28
CVEList
IBM Sterling Secure Proxy information disclosure2025-05-28
CVE-2024-38341 (HIGH CVSS 7.5) | IBM Sterling Secure Proxy 6.0.0.0 t | cvebase.io