Primary

Context

IBM Sterling Secure Proxy Cryptographic Vulnerability Allowing Decryption of Sensitive Information

Vulnerability

Patched

A vulnerability exists in IBM Sterling Secure Proxy versions 6.0.0.0 prior to 6.0.3.1, 6.1.0.0 prior to 6.1.0.1, and 6.2.0.0 prior to 6.2.0.1, due to the use of weaker than expected cryptographic algorithms. This flaw could enable an attacker to decrypt highly sensitive information.

Impact

Exploitation of this vulnerability could lead to the decryption of sensitive information, potentially allowing unauthorized access to confidential data.

Remediation

Users can upgrade to IBM Sterling Secure Proxy 6.0.3.1 iFix 03, 6.1.0.1 iFix 03, or 6.2.0.1 iFix 02. Instructions for downloading these versions are available on the IBM Fix Central website.

Added: Jun 9, 2025, 7:46 PM

Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread

2.2

impact

2.5

exploitability

7.6

remediation

7.7

relevance

0.0

threat

0.0

urgency

2.9

incentive

5.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

2.2

impact

2.5

exploitability

7.6

remediation

7.7

relevance

0.0

threat

0.0

urgency

2.9

incentive

5.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

IBM Sterling Secure Proxy Cryptographic Vulnerability Allowing Decryption of Sensitive Information

Vulnerability

Impact

Remediation

Affected Products

IBM Sterling Secure Proxy

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating