Denial of Service Vulnerability in IBM Sterling External Authentication Server and Secure Proxy
CVE-2022-22336

7.5HIGH

Key Information:

Vendor: IBM
Status: Sterling Secure Proxy
Vendor: CVE Published:; 23 February 2022

Summary

A vulnerability in IBM Sterling External Authentication Server and IBM Sterling Secure Proxy allows a remote attacker to exploit a resource leak, potentially leading to excessive resource consumption and service disruption. This condition poses significant risks to security and service availability, necessitating immediate attention for affected users.

Affected Version(s)

Sterling Secure Proxy 3.4.3.2

Sterling Secure Proxy 6.0.3.0

Sterling Secure Proxy 6.0.2.0

References

https://www.ibm.com/support/pages/node/6558796

x_refsource_CONFIRM

https://exchange.xforce.ibmcloud.com/vulnerabilities/219395

vdb-entryx_refsource_XF

CVSS V3.1

Score:

7.5

Severity:

HIGH

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Feb 23, 2022
Vulnerability Reserved
Jan 3, 2022