Directory traversal vulnerability in the Configuration Manager in IBM Sterling Secure Proxy (SSP) 3.4.2 before 3.4.2.0 iFix 8 and 3.4.3 before 3.4.3.0 iFix 1 allows remote attackers to read arbitrary files via a crafted URL.
2016-10-06T10:59:04.947
2025-04-12T10:46:40.837
Deferred
CVSSv3.0: 7.5 (HIGH)
AV:N/AC:L/Au:N/C:P/I:N/A:N
10.0
2.9
| Type | Vendor | Product | Version/Range | Vulnerable? |
|---|---|---|---|---|
| Application | ibm | sterling_secure_proxy | 3.4.2.0 | Yes |
| Application | ibm | sterling_secure_proxy | 3.4.2.0 | Yes |
| Application | ibm | sterling_secure_proxy | 3.4.2.0 | Yes |
| Application | ibm | sterling_secure_proxy | 3.4.2.0 | Yes |
| Application | ibm | sterling_secure_proxy | 3.4.2.0 | Yes |
| Application | ibm | sterling_secure_proxy | 3.4.2.0 | Yes |
| Application | ibm | sterling_secure_proxy | 3.4.2.0 | Yes |
| Application | ibm | sterling_secure_proxy | 3.4.2.0 | Yes |
| Application | ibm | sterling_secure_proxy | 3.4.3.0 | Yes |