Lucene search
K

10 matches found

IBM Security Bulletins
IBM Security Bulletins
added 2026/05/29 2:41 p.m.16 views

Security Bulletin: IBM Sterling Connect:Direct for Unix is impacted by Improper Input Validation vulnerability due to jetty-http.

Summary jetty-http is used by IBM Sterling Connect:Direct for UNIX in product configuration. IBM Sterling Connect:Direct for UNIX is impacted by Improper Input Validation vulnerability in jetty-http, CVE-2025-11143. IBM Sterling Connect:Direct for UNIX has upgraded jetty-http to address the issue...

6.5CVSS6.6AI score0.00159EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2026/01/22 8:47 p.m.5 views

Security Bulletin: IBM Sterling Connect:Direct for Unix is impacted by vulnerabilities due to IBM Java 17

Summary IBM Java 17 is used by IBM Sterling Connect:Direct for UNIX in product configuration and data transmission. IBM Sterling Connect:Direct for UNIX is impacted by vulnerabilities in IBM Java 17. IBM Sterling Connect:Direct for UNIX has upgraded IBM Java 17 to address the issues. Vulnerabilit...

7.5CVSS5.7AI score0.00633EPSS
Exploits0Affected Software1
RedhatCVE
RedhatCVE
added 2026/01/21 3:27 p.m.12 views

CVE-2025-14115

IBM Sterling Connect:Direct for UNIX Container 6.3.0.0 through 6.3.0.6 Interim Fix 016, and 6.4.0.0 through 6.4.0.3 Interim Fix 019 IBM® Sterling Connect:Direct for UNIX contains hard-coded credentials, such as a password or cryptographic key, which it uses for its own inbound authentication,...

8.4CVSS5.4AI score0.001EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/01/20 2:59 p.m.2 views

CVE-2025-14115

IBM Sterling Connect:Direct for UNIX Container 6.3.0.0 through 6.3.0.6 Interim Fix 016, and 6.4.0.0 through 6.4.0.3 Interim Fix 019 IBM® Sterling Connect:Direct for UNIX contains hard-coded credentials, such as a password or cryptographic key, which it uses for its own inbound authentication,...

8.4CVSS5.3AI score0.001EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2025/10/30 6:53 p.m.10 views

CVE-2025-36137

CVE-2025-36137 affects IBM Sterling Connect:Direct for UNIX (versions 6.2.0.7–6.2.0.9 iFix004; 6.3.0.2–6.3.0.5 iFix002; 6.4.0.0–6.4.0.2 iFix001). The root cause is incorrect permission assignments for maintenance tasks to Control Center Director (CCD) users, which could allow a privileged user to...

7.2CVSS6.5AI score0.00322EPSS
Exploits0References1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2025/10/30 4:3 p.m.4 views

Security Bulletin: IBM Sterling Connect:Direct for UNIX is vulnerable to Execution with Unnecessary Privileges, CVE-2025-36137.

Summary IBM Sterling Control Center can apply maintenance to and upgrade IBM Sterling Connect:Direct for UNIX. The Control Center administrator has the option of running pre and post update scripts. Those scripts are run as root; they should be run as the standard user account under which...

7.2CVSS6.8AI score0.00322EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2025/10/01 8:21 p.m.3 views

Security Bulletin: IBM Sterling Connect:Direct for Unix is vulnerable due to IBM Runtime Environment Java Technology Edition Version 8

Summary IBM Java 8 is used by IBM Sterling Connect:Direct for UNIX in product configuration and data transmission. IBM Sterling Connect:Direct for UNIX is impacted by vulnerabilities in IBM Java 8. IBM Sterling Connect:Direct for UNIX has upgraded IBM Java 8 to address the issues. Vulnerability...

8.1CVSS6.2AI score0.01058EPSS
Exploits1Affected Software1
CNNVD
CNNVD
added 2020/12/14 12:0 a.m.6 views

IBM Connect:Direct for UNIX 授权问题漏洞

IBM Connect: Direct for UNIX is the United States IBM a point-to-point can support multi-platform transfer of data between the tool software. The software supports z/OS, VSE, AS/400, UNIX IBM, SUN, HP, etc., LINUX, Windows and other 18 platforms, in addition to providing C, C + + +, JAVA,...

9.8CVSS7.1AI score0.02021EPSS
Exploits0References5
OSV
OSV
added 2019/04/10 3:29 p.m.1 views

CVE-2018-1903

IBM Sterling Connect:Direct for UNIX 4.2.0, 4.3.0, and 6.0.0 could allow a user with restricted sudo access on a system to manipulate CD UNIX to gain full sudo access. IBM X-Force ID: 152532...

6.7CVSS5.8AI score0.00387EPSS
Exploits0References2
CNVD
CNVD
added 2016/08/11 12:0 a.m.3 views

IBM Sterling Connect:Direct for Unix Information Disclosure Vulnerability

IBM Sterling Connect:Direct for Unix is peer-to-peer file transfer software. An information disclosure vulnerability exists in IBM Sterling Connect:Direct for Unix version 4.1.0 prior to 4.1.0.4, iFix073, and version 4.2.0 prior to 4.2.0.4, iFix003, which could allow a local user to obtain...

3.3CVSS5.7AI score0.0031EPSS
Exploits0References1
Rows per page
Query Builder