Vulnerabilities > IBM > Sterling Connect > High

DATE CVE VULNERABILITY TITLE RISK
2023-07-19 CVE-2021-38933 Use of a Broken or Risky Cryptographic Algorithm vulnerability in IBM Sterling Connect:Express for Unix 1.5.0
IBM Sterling Connect:Direct for UNIX 1.5 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information.
network
low complexity
ibm CWE-327
7.5
2021-11-23 CVE-2021-38890 Improper Restriction of Excessive Authentication Attempts vulnerability in IBM Sterling Connect:Direct
IBM Sterling Connect:Direct Web Services 1.0 and 6.0 uses an inadequate account lockout setting that could allow a remote attacker to brute force account credentials.
network
low complexity
ibm CWE-307
7.5
2021-11-23 CVE-2021-38891 Inadequate Encryption Strength vulnerability in IBM Sterling Connect:Direct
IBM Sterling Connect:Direct Web Services 1.0 and 6.0 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information.
network
low complexity
ibm CWE-326
7.5
2020-10-28 CVE-2020-4767 Out-of-bounds Read vulnerability in IBM Sterling Connect:Direct
IBM Sterling Connect Direct for Microsoft Windows 4.7, 4.8, 6.0, and 6.1 could allow a remote attacker to cause a denial of service, caused by a buffer over-read.
network
low complexity
ibm CWE-125
7.5
2020-08-24 CVE-2020-4587 Out-of-bounds Write vulnerability in IBM Connect:Direct and Sterling Connect:Direct
IBM Sterling Connect:Direct for UNIX 4.2.0, 4.3.0, 6.0.0, and 6.1.0 is vulnerable to a stack based buffer ovreflow, caused by improper bounds checking.
local
low complexity
ibm CWE-787
7.8
2018-05-01 CVE-2013-4035 Cryptographic Issues vulnerability in IBM Sterling Connect
IBM Sterling Connect:Direct for OpenVMS 3.4.00, 3.4.01, 3.5.00, 3.6.0, and 3.6.0.1 allow remote attackers to have unspecified impact by leveraging failure to reject client requests for an unencrypted session when used as the server in a TCP/IP session and configured for SSL encryption with the client.
low complexity
ibm CWE-310
7.3