CVE-2024-41784

Name of the Vulnerable Software and Affected Versions IBM Sterling Secure Proxy versions 6.0.0.0 through 6.1.0.0

Description The issue allows a remote attacker to traverse directories on the system. An attacker could send a specially crafted URL request containing "dot dot" sequences (/../) to view arbitrary files on the system.

Recommendations For versions 6.0.0.0 through 6.1.0.0, consider restricting access to sensitive files and directories to minimize the risk of exploitation. As a temporary workaround, consider implementing additional validation and sanitization of URL requests to prevent directory traversal attacks. At the moment, there is no information about a newer version that contains a fix for this vulnerability.