PT-2013-2400 · Ibm · Ibm Sterling Secure Proxy
Publicado
2013-05-10
·
Atualizado
2017-08-29
·
CVE-2013-0519
CVSS v2.0
5.0
Média
| Vetor | AV:N/AC:L/Au:N/C:P/I:N/A:N |
Name of the Vulnerable Software and Affected Versions
IBM Sterling Secure Proxy versions 3.2.0 through 3.3.01 before 3.3.01.23 Interim Fix 1
IBM Sterling Secure Proxy versions 3.4.0 through 3.4.0 before 3.4.0.6 Interim Fix 1
IBM Sterling Secure Proxy versions 3.4.1 through 3.4.1 before 3.4.1.7
Description
The issue allows remote attackers to obtain potentially sensitive information by reading a version string from (1) an unspecified page title and (2) an unspecified HTTP header field.
Recommendations
For IBM Sterling Secure Proxy versions 3.2.0 through 3.3.01 before 3.3.01.23 Interim Fix 1, apply Interim Fix 1 to resolve the issue.
For IBM Sterling Secure Proxy versions 3.4.0 through 3.4.0 before 3.4.0.6 Interim Fix 1, apply Interim Fix 1 to resolve the issue.
For IBM Sterling Secure Proxy versions 3.4.1 through 3.4.1 before 3.4.1.7, apply the update to version 3.4.1.7 to resolve the issue.
Correção
Information Disclosure
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Enumeração de Fraquezas
Identificadores relacionados
Produtos afetados
Ibm Sterling Secure Proxy