Clear Text Storage of User Credentials in IBM Sterling Secure Proxy and IBM Sterling External Authentication Server

Clear Text Storage of User Credentials in IBM Sterling Secure Proxy and IBM Sterling External Authentication Server

CVE-2023-32338 · MEDIUM Severity

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

IBM Sterling Secure Proxy and IBM Sterling External Authentication Server 6.0.3 and 6.1.0 stores user credentials in plain clear text which can be read by a local user with container access. IBM X-Force ID: 255585.

Learn more about our Cis Benchmark Audit For Server Software.