VYPR

Sterling Connect\

by IBM

CVEs (7)

  • CVE-2016-5991MedNov 25, 2016
    risk 0.29cvss 4.5epss 0.00

    IBM Sterling Connect:Direct 4.5.00, 4.5.01, 4.6.0 before 4.6.0.6 iFix008, and 4.7.0 before 4.7.0.4 on Windows allows local users to gain privileges via unspecified vectors.

  • CVE-2016-0380LowAug 8, 2016
    risk 0.21cvss 3.3epss 0.00

    IBM Sterling Connect:Direct for Unix 4.1.0 before 4.1.0.4 iFix073 and 4.2.0 before 4.2.0.4 iFix003 uses default file permissions of 0664, which allows local users to obtain sensitive information via standard filesystem operations.

  • CVE-2016-5992LowNov 25, 2016
    risk 0.16cvss 2.5epss 0.00

    IBM Sterling Connect:Direct 4.5.00, 4.5.01, 4.6.0 before 4.6.0.6 iFix008, and 4.7.0 before 4.7.0.4 on Windows allows local users to cause a denial of service via unspecified vectors.

  • CVE-2013-0529Jun 21, 2013
    risk 0.00cvss epss 0.01

    The Browser in IBM Sterling Connect:Direct 1.4 before 1.4.0.11 and 1.5 through 1.5.0.1 does not set the secure flag for the session cookie in an https session, which makes it easier for remote attackers to capture this cookie by intercepting its transmission within an http…

  • CVE-2013-0527Jun 21, 2013
    risk 0.00cvss epss 0.00

    The Browser in IBM Sterling Connect:Direct 1.4 before 1.4.0.11 and 1.5 through 1.5.0.1 does not close pages upon the timeout of a session, which allows physically proximate attackers to obtain sensitive administrative-console information by reading the screen of an unattended…

  • CVE-2013-2989May 28, 2013
    risk 0.00cvss epss 0.00

    The file-copying functionality in IBM Sterling Connect:Direct 3.8.00, 4.0.00, and 4.1.0 for UNIX on AIX 6.1 through 7.1 uses incorrect privileges, which allows local users to bypass filesystem read permissions and write permissions by leveraging authentication to the…

  • CVE-2012-6352Feb 2, 2013
    risk 0.00cvss epss 0.02

    The Session Manager in IBM Sterling Connect:Direct through 4.1.0.3 on UNIX allows remote attackers to cause a denial of service (daemon crash and disk consumption) via crafted data.