CVE-2024-51453

Name of the Vulnerable Software and Affected Versions IBM Sterling Secure Proxy versions 6.2.0.0 through 6.2.0.1

Description The issue allows a remote attacker to traverse directories on the system. An attacker could send a specially crafted URL request containing dot dot sequences (../) to view arbitrary files on the system.

Recommendations For IBM Sterling Secure Proxy versions 6.2.0.0 through 6.2.0.1, consider restricting access to sensitive files and directories until a patch is available. As a temporary workaround, consider validating and sanitizing all URL requests to prevent directory traversal attacks.