Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

Filtered by vendor Ibm Subscribe
Filtered by product Sterling Connect\
Total 8 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2021-38890 4 Ibm, Linux, Microsoft and 1 more 5 Aix, Sterling Connect\, Linux Kernel and 2 more 2021-11-29 5.0 MEDIUM 7.5 HIGH
IBM Sterling Connect:Direct Web Services 1.0 and 6.0 uses an inadequate account lockout setting that could allow a remote attacker to brute force account credentials. IBM X-Force ID: 209507.
CVE-2021-38891 4 Ibm, Linux, Microsoft and 1 more 5 Aix, Sterling Connect\, Linux Kernel and 2 more 2021-11-29 5.0 MEDIUM 7.5 HIGH
IBM Sterling Connect:Direct Web Services 1.0 and 6.0 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 209508.
CVE-2020-4767 1 Ibm 1 Sterling Connect\ 2020-10-30 5.0 MEDIUM 7.5 HIGH
IBM Sterling Connect Direct for Microsoft Windows 4.7, 4.8, 6.0, and 6.1 could allow a remote attacker to cause a denial of service, caused by a buffer over-read. Bysending a specially crafted request, the attacker could cause the application to crash. IBM X-Force ID: 188906.
CVE-2020-4587 1 Ibm 2 Connect\, Sterling Connect\ 2020-08-27 7.2 HIGH 7.8 HIGH
IBM Sterling Connect:Direct for UNIX 4.2.0, 4.3.0, 6.0.0, and 6.1.0 is vulnerable to a stack based buffer ovreflow, caused by improper bounds checking. A local attacker could manipulate CD UNIX to obtain root provileges. IBM X-Force ID: 184578.
CVE-2016-0380 1 Ibm 1 Sterling Connect\ 2020-06-25 2.1 LOW 3.3 LOW
IBM Sterling Connect:Direct for Unix 4.1.0 before 4.1.0.4 iFix073 and 4.2.0 before 4.2.0.4 iFix003 uses default file permissions of 0664, which allows local users to obtain sensitive information via standard filesystem operations.
CVE-2018-1903 1 Ibm 1 Sterling Connect\ 2019-10-09 7.2 HIGH 6.7 MEDIUM
IBM Sterling Connect:Direct for UNIX 4.2.0, 4.3.0, and 6.0.0 could allow a user with restricted sudo access on a system to manipulate CD UNIX to gain full sudo access. IBM X-Force ID: 152532.
CVE-2016-5992 1 Ibm 1 Sterling Connect\ 2016-11-28 1.9 LOW 2.5 LOW
IBM Sterling Connect:Direct 4.5.00, 4.5.01, 4.6.0 before 4.6.0.6 iFix008, and 4.7.0 before 4.7.0.4 on Windows allows local users to cause a denial of service via unspecified vectors.
CVE-2016-5991 1 Ibm 1 Sterling Connect\ 2016-11-28 4.4 MEDIUM 4.5 MEDIUM
IBM Sterling Connect:Direct 4.5.00, 4.5.01, 4.6.0 before 4.6.0.6 iFix008, and 4.7.0 before 4.7.0.4 on Windows allows local users to gain privileges via unspecified vectors.