Vulnerabilities > IBM > Sterling Connect > High
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2023-07-19 | CVE-2021-38933 | Use of a Broken or Risky Cryptographic Algorithm vulnerability in IBM Sterling Connect:Express for Unix 1.5.0 IBM Sterling Connect:Direct for UNIX 1.5 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. | 7.5 |
2021-11-23 | CVE-2021-38890 | Improper Restriction of Excessive Authentication Attempts vulnerability in IBM Sterling Connect:Direct IBM Sterling Connect:Direct Web Services 1.0 and 6.0 uses an inadequate account lockout setting that could allow a remote attacker to brute force account credentials. | 7.5 |
2021-11-23 | CVE-2021-38891 | Inadequate Encryption Strength vulnerability in IBM Sterling Connect:Direct IBM Sterling Connect:Direct Web Services 1.0 and 6.0 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. | 7.5 |
2020-10-28 | CVE-2020-4767 | Out-of-bounds Read vulnerability in IBM Sterling Connect:Direct IBM Sterling Connect Direct for Microsoft Windows 4.7, 4.8, 6.0, and 6.1 could allow a remote attacker to cause a denial of service, caused by a buffer over-read. | 7.5 |
2020-08-24 | CVE-2020-4587 | Out-of-bounds Write vulnerability in IBM Connect:Direct and Sterling Connect:Direct IBM Sterling Connect:Direct for UNIX 4.2.0, 4.3.0, 6.0.0, and 6.1.0 is vulnerable to a stack based buffer ovreflow, caused by improper bounds checking. | 7.8 |
2018-05-01 | CVE-2013-4035 | Cryptographic Issues vulnerability in IBM Sterling Connect IBM Sterling Connect:Direct for OpenVMS 3.4.00, 3.4.01, 3.5.00, 3.6.0, and 3.6.0.1 allow remote attackers to have unspecified impact by leveraging failure to reject client requests for an unencrypted session when used as the server in a TCP/IP session and configured for SSL encryption with the client. | 7.3 |