Total
3 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2013-4035 | 1 Ibm | 1 Sterling Connect | 2018-06-07 | 4.1 MEDIUM | 7.3 HIGH |
IBM Sterling Connect:Direct for OpenVMS 3.4.00, 3.4.01, 3.5.00, 3.6.0, and 3.6.0.1 allow remote attackers to have unspecified impact by leveraging failure to reject client requests for an unencrypted session when used as the server in a TCP/IP session and configured for SSL encryption with the client. IBM X-Force ID: 86138. | |||||
CVE-2013-2989 | 1 Ibm | 1 Sterling Connect | 2017-08-28 | 6.8 MEDIUM | N/A |
The file-copying functionality in IBM Sterling Connect:Direct 3.8.00, 4.0.00, and 4.1.0 for UNIX on AIX 6.1 through 7.1 uses incorrect privileges, which allows local users to bypass filesystem read permissions and write permissions by leveraging authentication to the Connect:Direct product. | |||||
CVE-2012-6352 | 1 Ibm | 1 Sterling Connect | 2017-08-28 | 5.0 MEDIUM | N/A |
The Session Manager in IBM Sterling Connect:Direct through 4.1.0.3 on UNIX allows remote attackers to cause a denial of service (daemon crash and disk consumption) via crafted data. |