Vulnerabilities > IBM > Sterling Connect > express.for.unix

DATE CVE VULNERABILITY TITLE RISK
2024-03-04 CVE-2023-32331 Classic Buffer Overflow vulnerability in IBM Sterling Connect:Express for Unix 1.5.0
IBM Connect:Express for UNIX 1.5.0 is vulnerable to a buffer overflow that could allow a remote attacker to cause a denial of service through its browser UI.
network
low complexity
ibm CWE-120
7.5
7.5
2023-07-19 CVE-2021-38933 Use of a Broken or Risky Cryptographic Algorithm vulnerability in IBM Sterling Connect:Express for Unix 1.5.0
IBM Sterling Connect:Direct for UNIX 1.5 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information.
network
low complexity
ibm CWE-327
7.5
7.5
2023-07-19 CVE-2023-29259 Unspecified vulnerability in IBM Sterling Connect:Express for Unix 1.5.0
IBM Sterling Connect:Express for UNIX 1.5 browser UI is vulnerable to attacks that rely on the use of cookies without the SameSite attribute.
network
low complexity
ibm
5.3
5.3
2023-07-19 CVE-2023-29260 Server-Side Request Forgery (SSRF) vulnerability in IBM Sterling Connect:Express for Unix 1.5.0
IBM Sterling Connect:Express for UNIX 1.5 is vulnerable to server-side request forgery (SSRF).
network
low complexity
ibm CWE-918
5.4
5.4