Multiple Cisco Splunk Vulnerabilities

June 3, 2025

Multiple IBM Db2 Vulnerabilities

June 3, 2025

Multiple IBM Products Vulnerabilities

June 3, 2025

Severity

Medium

Analysis Summary

CVE-2024-38341 CVSS:5.9

IBM Sterling Secure Proxy could allow a remote attacker to obtain sensitive information due to the use of weaker-than-expected cryptographic algorithms. An attacker could exploit this vulnerability to decrypt highly sensitive information.

CVE-2024-51453 CVSS:4.3

IBM Sterling Secure Proxy could allow a remote attacker to traverse directories on the system. An attacker could send a specially crafted URL request containing "dot dot" sequences (/../) to view arbitrary files on the system.

CVE-2025-3357 CVSS:9.8

IBM Tivoli Monitoring could allow a remote attacker to execute arbitrary code, caused by improper validation of an index value of a dynamically allocated array.

Impact

Information Disclosure
Code Execution

Indicators of Compromise

CVE

CVE-2024-38341
CVE-2024-51453
CVE-2025-3357

Affected Vendors

Affected Products

IBM Tivoli Monitoring - 6.3.0.7
IBM Sterling Secure Proxy - 6.0.0.0
IBM Sterling Secure Proxy - 6.1.0.0
IBM Sterling Secure Proxy - 6.2.0.0

Remediation

Refer to the IBM Security Advisory for patch, upgrade, or suggested workaround information.

CVE-2024-38341

CVE-2024-51453

CVE-2025-3357

Rewterz Annual Threat Intelligence Report 2024 - Download Now

Rewterz Annual Threat Intelligence Report 2024 - Download Now

Platform

Managed Security Services

Managed Penetration Testing

Assess

Transform

Train

Respond

Resources

CoinMiner Malware – Active IOCs

Google Warns of Active Exploits Targeting Chrome V8 Vulnerability

CVE-2025-6554 – Google Chrome Vulnerability

Threat Insights

About Us

Our Leadership

CSR

Connect with Us

Multiple Cisco Splunk Vulnerabilities

Multiple IBM Db2 Vulnerabilities

Severity

Medium

Analysis Summary

Indicators of Compromise

CVE

Affected Vendors

Affected Products

Remediation