IBM72C9B207E725BB0610E8B7B772CC5A2B45220CB4A63846DDD80A0B94A2C9672ESecurity Bulletin: A vulnerability in the GSKit component of IBM Sterling Connect:Direct for Microsoft Windows (CVE-2016-0201)
EPSS
Percentile
68.2%
Summary
A vulnerability has been addressed in the GSKit component of IBM Sterling Connect:Direct for Microsoft Windows.
Vulnerability Details
CVEID:CVE-2016-0201 DESCRIPTION: IBM GSKit could allow a remote attacker to obtain sensitive information, caused by an MD5 collision. An attacker could exploit this vulnerability to obtain authentication credentials.
CVSS Base Score: 5.9
CVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/109310>[](<https://exchange.xforce.ibmcloud.com/vulnerabilities/109310>) for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N)
Affected Products and Versions
IBM Sterling Connect:Direct for Microsoft Windows 4.7.0.
Remediation/Fixes
Product
| VRMF|APAR|Remediation/First Fix
—|—|—|—
IBM Sterling Connect:Direct for Microsoft Windows| 4.7.0| IT13127| Apply 4.7.0.3_iFix020, available on Fix Central
Workarounds and Mitigations
None
Related
EPSS
Percentile
68.2%