Jul 15, 2020 - 9:55 p.m.

Security Bulletin: XML External Entity Injection (XXE) Vulnerability Affects IBM Secure Proxy (CVE-2020-4462)

2020-07-15 21:55:50
www.ibm.com
EPSS: 0.003 (percentile: 69.8%)

Summary

An XXE vulnerability was addressed by IBM Secure Proxy.

Vulnerability Details

**CVEID:** CVE-2020-4462
**DESCRIPTION:** IBM Sterling External Authentication Server and IBM Sterling Secure Proxy are vulnerable to an XML External Entity Injection (XXE) attack when processing XML data. A remote attacker could exploit this vulnerability to expose sensitive information or consume memory resources.
CVSS Base score: 8.2
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/181482 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:L)

Affected Products and Versions

Affected Product(s) | Version(s)
---|---
IBM Secure Proxy | 6.0
IBM Secure Proxy | 6.0.1
IBM Sterling Secure Proxy | 3.4.3.2
IBM Sterling Secure Proxy | 3.4.2

Remediation/Fixes

Product | VRMF | iFix | Remediation/First Fix
---|---|---|---
IBM Secure Proxy | 6.0.1.1 | GA | Fix Central
IBM Secure Proxy | 6.0.0.1 | iFix 3 | Fix Central
IBM Sterling Secure Proxy | 3.4.3.2 | iFix 8 | Fix Central
IBM Sterling Secure Proxy | 3.4.2.0 | iFix 21 | Fix Central

Workarounds and Mitigations

None
