Information Disclosure Vulnerability in IBM Sterling Secure Proxy
CVE-2013-0520

Currently unrated

Key Information:

Vendor: IBM
Status: Sterling Secure Proxy
Vendor: CVE Published:; 10 May 2013

What is CVE-2013-0520?

IBM Sterling Secure Proxy versions 3.2.0, 3.3.01 (prior to 3.3.01.23 Interim Fix 1), 3.4.0 (prior to 3.4.0.6 Interim Fix 1), and 3.4.1 (prior to 3.4.1.7) allow remote authenticated users to access sensitive Java stack-trace information by sending deliberately malformed input. This exposure can potentially facilitate further attacks and compromise the confidentiality of the system.

References

http://www-01.ibm.com/support/docview.wss?uid=swg21636369

x_refsource_CONFIRM

https://exchange.xforce.ibmcloud.com/vulnerabilities/83433

vdb-entryx_refsource_XF

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
May 10, 2013
Vulnerability Reserved
Dec 16, 2012