Sterling Connect:express For Unix Security Vulnerabilities and Issues — Sterling Connect:express For Unix CVE List

Lucene search

IbmSterling Connect:express For Unix

5 matches found

CVE•added 2024/03/04 7:15 p.m.•69 views

CVE-2023-32331

IBM Connect:Express for UNIX 1.5.0 is vulnerable to a buffer overflow that could allow a remote attacker to cause a denial of service through its browser UI. IBM X-Force ID: 254979.

7.5CVSS7.6AI score0.00088EPSS

CVE•added 2023/07/19 2:15 a.m.•46 views

CVE-2023-26023

Planning Analytics Cartridge for Cloud Pak for Data 4.0 exposes sensitive information in logs which could lead an attacker to exploit this vulnerability to conduct further attacks. IBM X-Force ID: 247896.

7.5CVSS6.3AI score0.00064EPSS

CVE•added 2023/07/19 2:15 a.m.•45 views

CVE-2021-38933

IBM Sterling Connect:Direct for UNIX 1.5 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 210574.

7.5CVSS6.3AI score0.00029EPSS

CVE•added 2023/07/19 2:15 a.m.•44 views

CVE-2023-29260

IBM Sterling Connect:Express for UNIX 1.5 is vulnerable to server-side request forgery (SSRF). This may allow an authenticated attacker to send unauthorized requests from the system, potentially leading to network enumeration or facilitating other attacks. IBM X-Force ID: 252135.

6.5CVSS5.7AI score0.00048EPSS

CVE•added 2023/07/19 2:15 a.m.•35 views

CVE-2023-29259

IBM Sterling Connect:Express for UNIX 1.5 browser UI is vulnerable to attacks that rely on the use of cookies without the SameSite attribute. IBM X-Force ID: 252055.

5.3CVSS4.5AI score0.00066EPSS