Vulnerabilities > CVE-2020-4587 - Out-of-bounds Write vulnerability in IBM Connect:Direct and Sterling Connect:Direct

047910
CVSS 7.2 - HIGH
Attack vector
LOCAL
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
COMPLETE
Integrity impact
COMPLETE
Availability impact
COMPLETE
local
low complexity
ibm
CWE-787

Summary

IBM Sterling Connect:Direct for UNIX 4.2.0, 4.3.0, 6.0.0, and 6.1.0 is vulnerable to a stack based buffer ovreflow, caused by improper bounds checking. A local attacker could manipulate CD UNIX to obtain root provileges. IBM X-Force ID: 184578.

Vulnerable Configurations

Part Description Count
Application
Ibm
4

Common Weakness Enumeration (CWE)