Ibm Secure External Authentication Server vulnerabilities

3 known vulnerabilities affecting ibm/secure_external_authentication_server.

Total CVEs

3

CISA KEV

0

Public exploits

0

Exploited in wild

0

Severity breakdown

HIGH1MEDIUM2

Vulnerabilities

Page 1 of 1

CVE-2021-29726MEDIUMCVSS 5.3v6.0.32022-05-17

CVE-2021-29726 [MEDIUM] CWE-295 CVE-2021-29726: IBM Sterling Secure Proxy 6.0.3 and IBM Secure External Authentication Server 6.0.3 does not properl IBM Sterling Secure Proxy 6.0.3 and IBM Secure External Authentication Server 6.0.3 does not properly ensure that a certificate is actually associated with the host due to improper validation of certificates. IBM X-Force ID: 201104.

CVE-2021-29725HIGHCVSS 7.5v2.4.3.2v6.0.1+1 more2021-07-15

CVE-2021-29725 [HIGH] CWE-770 CVE-2021-29725: IBM Secure External Authentication Server 2.4.3.2, 6.0.1, 6.0.2 and IBM Secure Proxy 3.4.3.2, 6.0.1, IBM Secure External Authentication Server 2.4.3.2, 6.0.1, 6.0.2 and IBM Secure Proxy 3.4.3.2, 6.0.1, 6.0.2 could allow a remote user to consume resources causing a denial of service due to a resource leak.

CVE-2021-29749MEDIUMCVSS 5.4v6.0.22021-07-15

CVE-2021-29749 [MEDIUM] CWE-918 CVE-2021-29749: IBM Secure External Authentication Server 6.0.2 and IBM Secure Proxy 6.0.2 is vulnerable to server-s IBM Secure External Authentication Server 6.0.2 and IBM Secure Proxy 6.0.2 is vulnerable to server-side request forgery (SSRF). This may allow an authenticated attacker to send unauthorized requests from the system, potentially leading to network enumeration or facilitating other attacks. IBM X-Force ID: 201777.