CVE-2024-41784
published 2024-11-15CVE-2024-41784: IBM Sterling Secure Proxy 6.0.0.0, 6.0.0.1, 6.0.0.2, 6.0.0.3, and 6.1.0.0 could allow a remote attacker to traverse directories on the system. An attacker…
high7.5CVSS 3.1
AVNACLPRNUINSUCHINAN
IBM Sterling Secure Proxy 6.0.0.0, 6.0.0.1, 6.0.0.2, 6.0.0.3, and 6.1.0.0 could allow a remote attacker to traverse directories on the system. An attacker could send a specially crafted URL request containing "dot dot dot" sequences (/.../) to view arbitrary files on the system.
Affected
6 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| ibm | sterling_secure_proxy | — | — |
| ibm | sterling_secure_proxy | — | — |
| ibm | sterling_secure_proxy | — | — |
| ibm | sterling_secure_proxy | — | — |
| ibm | sterling_secure_proxy | — | — |
| ibm | sterling_secure_proxy | — | — |