Vulnerabilities (CVE)

Filtered by vendor Ibm Subscribe
Filtered by product Sterling Control Center
Total 5 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2023-35020 3 Ibm, Linux, Microsoft 5 Aix, Linux On Ibm Z, Sterling Control Center and 2 more 2024-02-28 N/A 5.3 MEDIUM
IBM Sterling Control Center 6.3.0 could allow a remote attacker to traverse directories on the system. An attacker could send a specially crafted URL request containing "dot dot" sequences (/../) to view arbitrary files on the system. IBM X-Force ID: 257874.
CVE-2016-0252 1 Ibm 2 Control Center, Sterling Control Center 2024-02-28 1.9 LOW 5.1 MEDIUM
IBM Control Center 6.x before 6.0.0.1 iFix06 and Sterling Control Center 5.4.x before 5.4.2.1 iFix09 allow local users to decrypt the master key via unspecified vectors.
CVE-2014-0925 1 Ibm 1 Sterling Control Center 2024-02-28 3.5 LOW N/A
Open redirect vulnerability in IBM Sterling Control Center 5.4.0 before 5.4.0.1 iFix 3 and 5.4.1 before 5.4.1.0 iFix 2 allows remote authenticated users to redirect users to arbitrary web sites and conduct phishing attacks via a crafted URL.
CVE-2013-2968 1 Ibm 1 Sterling Control Center 2024-02-28 6.3 MEDIUM N/A
An unspecified buffer-read method in IBM Sterling Control Center (SCC) 5.2 before 5.2.0.9, 5.3 before 5.3.0.4, and 5.4 through 5.4.0.1 allows remote authenticated users to cause a denial of service via a large file that lacks end-of-line characters.
CVE-2013-2969 1 Ibm 1 Sterling Control Center 2024-02-28 3.5 LOW N/A
Cross-site scripting (XSS) vulnerability in IBM Sterling Control Center (SCC) 5.2 before 5.2.0.9, 5.3 before 5.3.0.4, and 5.4 through 5.4.0.1 allows remote authenticated users to inject arbitrary web script or HTML via vectors involving invalid characters.