VYPR

Sterling Connect:Direct for UNIX Container

by IBM

CVEs (7)

  • CVE-2020-4747CriDec 15, 2020
    risk 0.64cvss 9.8epss 0.02

    IBM Connect:Direct for UNIX 6.1.0, 6.0.0, 4.3.0, and 4.2.0 can allow a local or remote user to obtain an authenticated CLI session due to improper authentication methods. IBM X-Force ID: 188516.

  • CVE-2025-14115HigJan 20, 2026
    risk 0.55cvss 8.4epss 0.00

    IBM Sterling Connect:Direct for UNIX Container 6.3.0.0 through 6.3.0.6 Interim Fix 016, and 6.4.0.0 through 6.4.0.3 Interim Fix 019 IBM® Sterling Connect:Direct for UNIX contains hard-coded credentials, such as a password or cryptographic key, which it uses for its own inbound…

  • CVE-2020-4587HigAug 24, 2020
    risk 0.51cvss 7.8epss 0.00

    IBM Sterling Connect:Direct for UNIX 4.2.0, 4.3.0, 6.0.0, and 6.1.0 is vulnerable to a stack based buffer ovreflow, caused by improper bounds checking. A local attacker could manipulate CD UNIX to obtain root provileges. IBM X-Force ID: 184578.

  • CVE-2018-1903MedApr 10, 2019
    risk 0.44cvss 6.7epss 0.00

    IBM Sterling Connect:Direct for UNIX 4.2.0, 4.3.0, and 6.0.0 could allow a user with restricted sudo access on a system to manipulate CD UNIX to gain full sudo access. IBM X-Force ID: 152532.

  • CVE-2021-38933MedJul 19, 2023
    risk 0.38cvss 5.9epss 0.00

    IBM Sterling Connect:Direct for UNIX 1.5 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 210574.

  • CVE-2016-0380LowAug 8, 2016
    risk 0.21cvss 3.3epss 0.00

    IBM Sterling Connect:Direct for Unix 4.1.0 before 4.1.0.4 iFix073 and 4.2.0 before 4.2.0.4 iFix003 uses default file permissions of 0664, which allows local users to obtain sensitive information via standard filesystem operations.

  • CVE-2025-36137Oct 30, 2025
    risk 0.00cvss epss 0.00

    IBM Sterling Connect Direct for Unix 6.2.0.7 through 6.2.0.9 iFix004, 6.4.0.0 through 6.4.0.2 iFix001, and 6.3.0.2 through 6.3.0.5 iFix002 incorrectly assigns permissions for maintenance tasks to Control Center Director (CCD) users that could allow a privileged user to escalate…