VYPR

Sterling Connect:Express for Microsoft Windows

by IBM

CVEs (2)

  • CVE-2020-4767HigOct 28, 2020
    risk 0.49cvss 7.5epss 0.02

    IBM Sterling Connect Direct for Microsoft Windows 4.7, 4.8, 6.0, and 6.1 could allow a remote attacker to cause a denial of service, caused by a buffer over-read. Bysending a specially crafted request, the attacker could cause the application to crash. IBM X-Force ID: 188906.

  • CVE-2025-36064Sep 22, 2025
    risk 0.00cvss epss 0.00

    IBM Sterling Connect:Express for Microsoft Windows 3.1.0.0 through 3.1.0.22 uses an inadequate account lockout setting that could allow a remote attacker to brute force account credentials.