Vulnerabilities > IBM > Sterling Connect > Medium

DATE CVE VULNERABILITY TITLE RISK
2023-07-19 CVE-2023-29259 Unspecified vulnerability in IBM Sterling Connect:Express for Unix 1.5.0
IBM Sterling Connect:Express for UNIX 1.5 browser UI is vulnerable to attacks that rely on the use of cookies without the SameSite attribute.
network
low complexity
ibm
5.3
2023-07-19 CVE-2023-29260 Server-Side Request Forgery (SSRF) vulnerability in IBM Sterling Connect:Express for Unix 1.5.0
IBM Sterling Connect:Express for UNIX 1.5 is vulnerable to server-side request forgery (SSRF).
network
low complexity
ibm CWE-918
5.4
2019-04-10 CVE-2018-1903 Unspecified vulnerability in IBM Sterling Connect:Direct 4.2.0/4.3.0/6.0.0
IBM Sterling Connect:Direct for UNIX 4.2.0, 4.3.0, and 6.0.0 could allow a user with restricted sudo access on a system to manipulate CD UNIX to gain full sudo access.
local
low complexity
ibm
6.7
2016-11-25 CVE-2016-5991 Permissions, Privileges, and Access Controls vulnerability in IBM Sterling Connect:Direct
IBM Sterling Connect:Direct 4.5.00, 4.5.01, 4.6.0 before 4.6.0.6 iFix008, and 4.7.0 before 4.7.0.4 on Windows allows local users to gain privileges via unspecified vectors.
local
high complexity
ibm CWE-264
4.5