Total
5 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2023-35020 | 3 Ibm, Linux, Microsoft | 5 Aix, Linux On Ibm Z, Sterling Control Center and 2 more | 2024-02-28 | N/A | 5.3 MEDIUM |
IBM Sterling Control Center 6.3.0 could allow a remote attacker to traverse directories on the system. An attacker could send a specially crafted URL request containing "dot dot" sequences (/../) to view arbitrary files on the system. IBM X-Force ID: 257874. | |||||
CVE-2016-0252 | 1 Ibm | 2 Control Center, Sterling Control Center | 2024-02-28 | 1.9 LOW | 5.1 MEDIUM |
IBM Control Center 6.x before 6.0.0.1 iFix06 and Sterling Control Center 5.4.x before 5.4.2.1 iFix09 allow local users to decrypt the master key via unspecified vectors. | |||||
CVE-2014-0925 | 1 Ibm | 1 Sterling Control Center | 2024-02-28 | 3.5 LOW | N/A |
Open redirect vulnerability in IBM Sterling Control Center 5.4.0 before 5.4.0.1 iFix 3 and 5.4.1 before 5.4.1.0 iFix 2 allows remote authenticated users to redirect users to arbitrary web sites and conduct phishing attacks via a crafted URL. | |||||
CVE-2013-2968 | 1 Ibm | 1 Sterling Control Center | 2024-02-28 | 6.3 MEDIUM | N/A |
An unspecified buffer-read method in IBM Sterling Control Center (SCC) 5.2 before 5.2.0.9, 5.3 before 5.3.0.4, and 5.4 through 5.4.0.1 allows remote authenticated users to cause a denial of service via a large file that lacks end-of-line characters. | |||||
CVE-2013-2969 | 1 Ibm | 1 Sterling Control Center | 2024-02-28 | 3.5 LOW | N/A |
Cross-site scripting (XSS) vulnerability in IBM Sterling Control Center (SCC) 5.2 before 5.2.0.9, 5.3 before 5.3.0.4, and 5.4 through 5.4.0.1 allows remote authenticated users to inject arbitrary web script or HTML via vectors involving invalid characters. |