IBM Sterling Control Center Sensitive Information Exposure Vulnerability

Vulnerability

A vulnerability in IBM Sterling Control Center versions 6.2.1, 6.3.1, and 6.4.0 allows web pages to be stored locally and read by another user on the same system. This issue can lead to the unintentional sharing of sensitive information, such as session tokens, through URLs.

Impact

Exploitation of this vulnerability could result in the exposure of sensitive information, including session tokens, which could be intercepted and potentially misused by another user on the system.

Remediation

Users can upgrade to IBM Sterling Control Center 6.2.1.0 iFix15, 6.3.1.0 iFix04, or 6.4.0.0 iFix01. Instructions for downloading these versions are available on IBM Fix Central.

Added: Jun 9, 2025, 7:46 PM
Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm
spread: 2.6
impact: 0.0
exploitability: 3.5
remediation: 7.7
relevance: 0.0
threat: 0.0
urgency: 2.9
incentive: 1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.