Lucene search
K

37 matches found

Positive Technologies
Positive Technologies
added 2026/01/20 12:0 a.m.7 views

PT-2026-3587

Name of the Vulnerable Software and Affected Versions IBM Sterling Connect:Express Adapter for Sterling B2B Integrator versions 5.2.0.00 through 5.2.0.12 Description The software does not invalidate session data after a user logs out. This could potentially allow an authenticated user to...

6.5CVSS5.4AI score0.00145EPSS
Exploits0References4
IBM Security Bulletins
IBM Security Bulletins
added 2024/10/23 1:5 p.m.26 views

Security Bulletin: IBM Sterling Connect:Express for UNIX is vulnerable to denial of service due to OpenSSL

Summary OpenSSL is used by IBM Sterling Connect:Express for UNIX. IBM Sterling Connect:Express for UNIX has addressed the applicable CVE. Vulnerability Details CVEID:CVE-2024-6119 DESCRIPTION: OpenSSL is vulnerable to a denial of service, caused by an error when performing certificate name checks...

7.5CVSS6.7AI score0.66594EPSS
Exploits0Affected Software1
CNVD
CNVD
added 2024/03/06 12:0 a.m.13 views

IBM Sterling Connect:Express for UNIX Buffer Overflow Vulnerability

IBM Sterling Connect:Express for UNIX is a file transfer solution for the UNIX platform from International Business Machines IBM. A buffer overflow vulnerability exists in IBM Sterling Connect:Express for UNIX version 1.5.0, which originates from the program's failure to properly validate the...

7.5CVSS7.4AI score0.00699EPSS
Exploits0References1
Prion
Prion
added 2023/07/19 2:15 a.m.14 views

Server side request forgery (ssrf)

IBM Sterling Connect:Express for UNIX 1.5 is vulnerable to server-side request forgery SSRF. This may allow an authenticated attacker to send unauthorized requests from the system, potentially leading to network enumeration or facilitating other attacks. IBM X-Force ID: 252135...

5.5CVSS5.3AI score0.00298EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2023/07/19 1:17 a.m.14 views

CVE-2023-29260 IBM Sterling Connect:Express for UNIX server-side request forgery

IBM Sterling Connect:Express for UNIX 1.5 is vulnerable to server-side request forgery SSRF. This may allow an authenticated attacker to send unauthorized requests from the system, potentially leading to network enumeration or facilitating other attacks. IBM X-Force ID: 252135...

6.5CVSS6.4AI score0.00298EPSS
Exploits0References2
Cvelist
Cvelist
added 2023/07/19 1:17 a.m.16 views

CVE-2023-29260 IBM Sterling Connect:Express for UNIX server-side request forgery

IBM Sterling Connect:Express for UNIX 1.5 is vulnerable to server-side request forgery SSRF. This may allow an authenticated attacker to send unauthorized requests from the system, potentially leading to network enumeration or facilitating other attacks. IBM X-Force ID: 252135...

6.5CVSS6.4AI score0.00298EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2023/07/19 1:14 a.m.8 views

CVE-2023-29259 IBM Sterling Connect:Express for UNIX information disclosure

IBM Sterling Connect:Express for UNIX 1.5 browser UI is vulnerable to attacks that rely on the use of cookies without the SameSite attribute. IBM X-Force ID: 252055...

3.7CVSS6.4AI score0.00412EPSS
Exploits0References2
Cvelist
Cvelist
added 2023/07/19 1:14 a.m.29 views

CVE-2023-29259 IBM Sterling Connect:Express for UNIX information disclosure

IBM Sterling Connect:Express for UNIX 1.5 browser UI is vulnerable to attacks that rely on the use of cookies without the SameSite attribute. IBM X-Force ID: 252055...

3.7CVSS5.3AI score0.00412EPSS
Exploits0References2
IBM Security Bulletins
IBM Security Bulletins
added 2023/07/12 4:19 p.m.29 views

Security Bulletin: IBM Sterling Connect:Express for UNIX is vulnerable to a buffer overflow through its browser UI (CVE-2023-32331)

Summary IBM Sterling Connect:Express for UNIX is vulnerable to a buffer overflow that could allow a remote attacker to cause a denial of service through its browser UI. Vulnerability Details CVEID:CVE-2023-32331 DESCRIPTION: IBM Connect:Express for UNIX is vulnerable to a buffer overflow that cou...

7.5CVSS7.7AI score0.00699EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2023/07/11 10:13 a.m.30 views

Security Bulletin: IBM Sterling Connect:Express for UNIX browser UI is vulnerable to attacks that rely on the use of cookies without the SameSite attribute

Summary IBM Sterling Connect:Express for UNIX browser UI is vulnerable to attacks that rely on the use of cookies without the SameSite attribute Vulnerability Details CVEID:CVE-2023-29259 DESCRIPTION: IBM Sterling Connect:Express for UNIX browser UI is vulnerable to attacks that rely on the use o...

5.3CVSS4.4AI score0.00412EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2023/07/11 10:11 a.m.29 views

Security Bulletin: IBM Sterling Connect:Express for UNIX is vulnerable to server-side request forgery (SSRF)

Summary IBM Sterling Connect:Express for UNIX is vulnerable to server-side request forgery SSRF. This may allow an authenticated attacker to send unauthorized requests from the system, potentially leading to network enumeration or facilitating other attacks. Vulnerability Details...

6.5CVSS5.7AI score0.00298EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2023/07/11 10:10 a.m.31 views

Security Bulletin: IBM Sterling Connect:Express uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information.

Summary IBM Sterling Connect:Express uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. Vulnerability Details CVEID:CVE-2021-38933 DESCRIPTION: IBM Sterling Connect:Direct uses weaker than expected cryptographic algorithms that...

7.5CVSS6.5AI score0.00334EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2023/03/27 11:17 a.m.27 views

Security Bulletin: IBM Sterling Connect:Express for UNIX is vulnerable to denial of service due to OpenSSL (CVE-2022-4450)

Summary OpenSSL is used by IBM Sterling Connect:Express for UNIX. IBM Sterling Connect:Express for UNIX has addressed the applicable CVE. Vulnerability Details CVEID:CVE-2022-4450 DESCRIPTION: OpenSSL is vulnerable to a denial of service, caused by a double-free error related to the improper...

7.5CVSS7.7AI score0.20444EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2023/03/03 1:42 p.m.37 views

Security Bulletin: IBM Sterling Connect:Express for UNIX is affected by multiple vulnerabilities in OpenSSL

Summary A number of security vulnerabilities have been discovered in the OpenSSL libraries included in IBM Sterling Connect:Express for UNIX. Vulnerability Details CVEID:CVE-2022-4304 DESCRIPTION: OpenSSL could allow a remote attacker to obtain sensitive information, caused by a timing-based side...

7.5CVSS7.9AI score0.59501EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2022/05/17 10:15 a.m.40 views

Security Bulletin: IBM Sterling Connect:Express for UNIX is vulnerable to denial of service due to OpenSSL (CVE-2022-0778)

Summary OpenSSL is used by IBM Sterling Connect:Express for UNIX. IBM Sterling Connect:Express for UNIX has addressed the applicable CVE. Vulnerability Details CVEID: CVE-2022-0778 DESCRIPTION: OpenSSL is vulnerable to a denial of service, caused by a flaw in the BNmodsqrt function when parsing...

7.5CVSS1.3AI score0.70561EPSS
Exploits2Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2021/09/09 6:33 p.m.42 views

Security Bulletin: OpenSSL Vulnerability Affects IBM Sterling Connect:Express for UNIX (CVE-2021-3711)

Summary Security vulnerability have been disclosed on 24th August 2021 by the OpenSSL Project. OpenSSl is used by IBM Sterling Connect:Express for UNIX. IBM Sterling Connect:Express for UNIX has addressed the applicable CVE. Vulnerability Details CVEID: CVE-2021-3711 DESCRIPTION: OpenSSL is...

9.8CVSS10AI score0.87816EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2021/09/09 6:32 p.m.37 views

Security Bulletin: OpenSSL Vulnerability Affects IBM Sterling Connect:Express for UNIX (CVE-2021-3712)

Summary Security vulnerability have been disclosed on 24th August 2021 by the OpenSSL Project. OpenSSl is used by IBM Sterling Connect:Express for UNIX. IBM Sterling Connect:Express for UNIX has addressed the applicable CVE. Vulnerability Details CVEID: CVE-2021-3712 DESCRIPTION: OpenSSL could...

7.4CVSS7.5AI score0.50445EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2021/03/10 6:30 p.m.55 views

Security Bulletin: IBM Sterling Connect:Express for UNIX is Affected by Multiple Vulnerabilities in OpenSSL

Summary Security vulnerabilities have been disclosed on 16th February 2021 by the OpenSSL Project. OpenSSl is used by IBM Sterling Connect:Express for UNIX. IBM Sterling Connect:Express for UNIX has addressed the applicable CVE. Vulnerability Details CVEID: CVE-2021-23839 DESCRIPTION: OpenSSL cou...

7.5CVSS1AI score0.50732EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2021/01/06 4:0 p.m.39 views

Security Bulletin: OpenSSL Vulnerability Affects IBM Sterling Connect:Express for UNIX (CVE-2020-1971)

Summary A security vulnerability has been disclosed on 8th December 2020 by the OpenSSL Project. OpenSSl is used by IBM Sterling Connect:Express for UNIX. IBM Sterling Connect:Express for UNIX has addressed the applicable CVE. Vulnerability Details CVEID: CVE-2020-1971 DESCRIPTION: OpenSSL is...

5.9CVSS1AI score0.06968EPSS
Exploits3Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2020/07/24 11:8 p.m.39 views

Security Bulletin: IBM Sterling Connect:Express for UNIX is Affected by an OpenSSL Vulnerability (CVE-2018-0732)

Summary Security vulnerability was disclosed on Jun 12, 2018 by the OpenSSL Project. OpenSSl is used by IBM Sterling Connect:Express for UNIX. IBM Sterling Connect:Express for UNIX has addressed the applicable CVE. Vulnerability Details CVE-ID: CVE-2018-0732 Description: During key agreement in a...

7.5CVSS0.6AI score0.49268EPSS
Exploits0Affected Software1
Rows per page
Query Builder