CVE-2024-41783

Name of the Vulnerable Software and Affected Versions IBM Sterling Secure Proxy versions 6.0.0.0 through 6.2.0.0

Description The issue is related to improper validation of a specified type of input, which can allow a privileged user to inject commands into the underlying operating system. This can be exploited by a remote attacker to execute arbitrary commands.

Recommendations For IBM Sterling Secure Proxy versions 6.0.0.0 through 6.2.0.0, consider restricting access to the system until a patch is available, and limit the privileges of users who have access to the system to minimize the risk of exploitation. As a temporary workaround, consider disabling any functionality that relies on the vulnerable input validation mechanism until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.