37 matches found
PT-2026-3587
Name of the Vulnerable Software and Affected Versions IBM Sterling Connect:Express Adapter for Sterling B2B Integrator versions 5.2.0.00 through 5.2.0.12 Description The software does not invalidate session data after a user logs out. This could potentially allow an authenticated user to...
Security Bulletin: IBM Sterling Connect:Express for UNIX is vulnerable to denial of service due to OpenSSL
Summary OpenSSL is used by IBM Sterling Connect:Express for UNIX. IBM Sterling Connect:Express for UNIX has addressed the applicable CVE. Vulnerability Details CVEID:CVE-2024-6119 DESCRIPTION: OpenSSL is vulnerable to a denial of service, caused by an error when performing certificate name checks...
IBM Sterling Connect:Express for UNIX Buffer Overflow Vulnerability
IBM Sterling Connect:Express for UNIX is a file transfer solution for the UNIX platform from International Business Machines IBM. A buffer overflow vulnerability exists in IBM Sterling Connect:Express for UNIX version 1.5.0, which originates from the program's failure to properly validate the...
Server side request forgery (ssrf)
IBM Sterling Connect:Express for UNIX 1.5 is vulnerable to server-side request forgery SSRF. This may allow an authenticated attacker to send unauthorized requests from the system, potentially leading to network enumeration or facilitating other attacks. IBM X-Force ID: 252135...
CVE-2023-29260 IBM Sterling Connect:Express for UNIX server-side request forgery
IBM Sterling Connect:Express for UNIX 1.5 is vulnerable to server-side request forgery SSRF. This may allow an authenticated attacker to send unauthorized requests from the system, potentially leading to network enumeration or facilitating other attacks. IBM X-Force ID: 252135...
CVE-2023-29260 IBM Sterling Connect:Express for UNIX server-side request forgery
IBM Sterling Connect:Express for UNIX 1.5 is vulnerable to server-side request forgery SSRF. This may allow an authenticated attacker to send unauthorized requests from the system, potentially leading to network enumeration or facilitating other attacks. IBM X-Force ID: 252135...
CVE-2023-29259 IBM Sterling Connect:Express for UNIX information disclosure
IBM Sterling Connect:Express for UNIX 1.5 browser UI is vulnerable to attacks that rely on the use of cookies without the SameSite attribute. IBM X-Force ID: 252055...
CVE-2023-29259 IBM Sterling Connect:Express for UNIX information disclosure
IBM Sterling Connect:Express for UNIX 1.5 browser UI is vulnerable to attacks that rely on the use of cookies without the SameSite attribute. IBM X-Force ID: 252055...
Security Bulletin: IBM Sterling Connect:Express for UNIX is vulnerable to a buffer overflow through its browser UI (CVE-2023-32331)
Summary IBM Sterling Connect:Express for UNIX is vulnerable to a buffer overflow that could allow a remote attacker to cause a denial of service through its browser UI. Vulnerability Details CVEID:CVE-2023-32331 DESCRIPTION: IBM Connect:Express for UNIX is vulnerable to a buffer overflow that cou...
Security Bulletin: IBM Sterling Connect:Express for UNIX browser UI is vulnerable to attacks that rely on the use of cookies without the SameSite attribute
Summary IBM Sterling Connect:Express for UNIX browser UI is vulnerable to attacks that rely on the use of cookies without the SameSite attribute Vulnerability Details CVEID:CVE-2023-29259 DESCRIPTION: IBM Sterling Connect:Express for UNIX browser UI is vulnerable to attacks that rely on the use o...
Security Bulletin: IBM Sterling Connect:Express for UNIX is vulnerable to server-side request forgery (SSRF)
Summary IBM Sterling Connect:Express for UNIX is vulnerable to server-side request forgery SSRF. This may allow an authenticated attacker to send unauthorized requests from the system, potentially leading to network enumeration or facilitating other attacks. Vulnerability Details...
Security Bulletin: IBM Sterling Connect:Express uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information.
Summary IBM Sterling Connect:Express uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. Vulnerability Details CVEID:CVE-2021-38933 DESCRIPTION: IBM Sterling Connect:Direct uses weaker than expected cryptographic algorithms that...
Security Bulletin: IBM Sterling Connect:Express for UNIX is vulnerable to denial of service due to OpenSSL (CVE-2022-4450)
Summary OpenSSL is used by IBM Sterling Connect:Express for UNIX. IBM Sterling Connect:Express for UNIX has addressed the applicable CVE. Vulnerability Details CVEID:CVE-2022-4450 DESCRIPTION: OpenSSL is vulnerable to a denial of service, caused by a double-free error related to the improper...
Security Bulletin: IBM Sterling Connect:Express for UNIX is affected by multiple vulnerabilities in OpenSSL
Summary A number of security vulnerabilities have been discovered in the OpenSSL libraries included in IBM Sterling Connect:Express for UNIX. Vulnerability Details CVEID:CVE-2022-4304 DESCRIPTION: OpenSSL could allow a remote attacker to obtain sensitive information, caused by a timing-based side...
Security Bulletin: IBM Sterling Connect:Express for UNIX is vulnerable to denial of service due to OpenSSL (CVE-2022-0778)
Summary OpenSSL is used by IBM Sterling Connect:Express for UNIX. IBM Sterling Connect:Express for UNIX has addressed the applicable CVE. Vulnerability Details CVEID: CVE-2022-0778 DESCRIPTION: OpenSSL is vulnerable to a denial of service, caused by a flaw in the BNmodsqrt function when parsing...
Security Bulletin: OpenSSL Vulnerability Affects IBM Sterling Connect:Express for UNIX (CVE-2021-3711)
Summary Security vulnerability have been disclosed on 24th August 2021 by the OpenSSL Project. OpenSSl is used by IBM Sterling Connect:Express for UNIX. IBM Sterling Connect:Express for UNIX has addressed the applicable CVE. Vulnerability Details CVEID: CVE-2021-3711 DESCRIPTION: OpenSSL is...
Security Bulletin: OpenSSL Vulnerability Affects IBM Sterling Connect:Express for UNIX (CVE-2021-3712)
Summary Security vulnerability have been disclosed on 24th August 2021 by the OpenSSL Project. OpenSSl is used by IBM Sterling Connect:Express for UNIX. IBM Sterling Connect:Express for UNIX has addressed the applicable CVE. Vulnerability Details CVEID: CVE-2021-3712 DESCRIPTION: OpenSSL could...
Security Bulletin: IBM Sterling Connect:Express for UNIX is Affected by Multiple Vulnerabilities in OpenSSL
Summary Security vulnerabilities have been disclosed on 16th February 2021 by the OpenSSL Project. OpenSSl is used by IBM Sterling Connect:Express for UNIX. IBM Sterling Connect:Express for UNIX has addressed the applicable CVE. Vulnerability Details CVEID: CVE-2021-23839 DESCRIPTION: OpenSSL cou...
Security Bulletin: OpenSSL Vulnerability Affects IBM Sterling Connect:Express for UNIX (CVE-2020-1971)
Summary A security vulnerability has been disclosed on 8th December 2020 by the OpenSSL Project. OpenSSl is used by IBM Sterling Connect:Express for UNIX. IBM Sterling Connect:Express for UNIX has addressed the applicable CVE. Vulnerability Details CVEID: CVE-2020-1971 DESCRIPTION: OpenSSL is...
Security Bulletin: IBM Sterling Connect:Express for UNIX is Affected by an OpenSSL Vulnerability (CVE-2018-0732)
Summary Security vulnerability was disclosed on Jun 12, 2018 by the OpenSSL Project. OpenSSl is used by IBM Sterling Connect:Express for UNIX. IBM Sterling Connect:Express for UNIX has addressed the applicable CVE. Vulnerability Details CVE-ID: CVE-2018-0732 Description: During key agreement in a...