Sterling Connect:direct@* Security Vulnerabilities and Issues — Sterling Connect:direct@* CVE List

Lucene search

IbmSterling Connect:direct*

3 matches found

CVE•added 2021/11/23 8:15 p.m.•40 views

CVE-2021-38891

IBM Sterling Connect:Direct Web Services 1.0 and 6.0 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 209508.

7.5CVSS7.2AI score0.00096EPSS

CVE•added 2020/10/28 5:15 p.m.•27 views

CVE-2020-4767

IBM Sterling Connect Direct for Microsoft Windows 4.7, 4.8, 6.0, and 6.1 could allow a remote attacker to cause a denial of service, caused by a buffer over-read. Bysending a specially crafted request, the attacker could cause the application to crash. IBM X-Force ID: 188906.

7.5CVSS7.5AI score0.00729EPSS

CVE•added 2021/11/23 8:15 p.m.•27 views

CVE-2021-38890

IBM Sterling Connect:Direct Web Services 1.0 and 6.0 uses an inadequate account lockout setting that could allow a remote attacker to brute force account credentials. IBM X-Force ID: 209507.

7.5CVSS7.3AI score0.00186EPSS