PT-2023-1427 · IBM · IBM Sterling Secure Proxy
Published: 2023-01-31 · Updated: 2023-08-08 · CVE-2022-34362
CVSS v2.0: 4.7 (Medium)
Vector: AV:N/AC:L/Au:M/C:P/I:P/A:N
Name of the Vulnerable Software and Affected Versions
IBM Sterling Secure Proxy version 6.0.3
Description
The issue is related to insufficient input validation when processing HOST headers, which can lead to HTTP header injection. This could allow a remote attacker to conduct various attacks, including cross-site scripting, cache poisoning, or session hijacking.
Recommendations
For IBM Sterling Secure Proxy version 6.0.3, update to a version that includes the fix for this issue to prevent exploitation. As a temporary workaround, consider restricting access to the HOST headers to minimize the risk of exploitation.
Fix
RCE
XSS
Related Identifiers
Affected Products
IBM Sterling Secure Proxy