Information Disclosure in IBM Sterling Secure Proxy by IBM
CVE-2013-0519

Currently unrated

Key Information:

Vendor: IBM
Status: Sterling Secure Proxy
Vendor: CVE Published:; 10 May 2013

Summary

IBM Sterling Secure Proxy versions 3.2.0, 3.3.01 (prior to 3.3.01.23 Interim Fix 1), 3.4.0 (prior to 3.4.0.6 Interim Fix 1), and 3.4.1 (prior to 3.4.1.7) have a vulnerability that allows remote attackers to access sensitive information. This occurs through the exposure of web server version data in an unspecified page title and an unspecified HTTP header field, enabling attackers to glean version strings that could aid them in executing further attacks.

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/82654

vdb-entryx_refsource_XF

http://www-01.ibm.com/support/docview.wss?uid=swg21636369

x_refsource_CONFIRM

Timeline

Vulnerability published
May 10, 2013
Vulnerability Reserved
Dec 16, 2012