📦 Sterling Connect Direct Web Services

Name: Sterling Connect Direct Web Services
Author: Ibm

by Ibm

🔍 What is Sterling Connect Direct Web Services?

Description coming soon...

🛡️ Security Overview

Click on a severity to filter vulnerabilities

⚠️ Known Vulnerabilities

CVE-2024-39747

HIGH CVSS 8.1 Aug 31, 2024

IBM Sterling Connect:Direct Web Services uses default credentials for critical functionality, allowing attackers to gain unauthorized access. This affects versions 6.0 through 6.3 of the software. Org...

CVE-2024-45651

MEDIUM CVSS 6.3 Apr 18, 2025

IBM Sterling Connect:Direct Web Services versions 6.1.0, 6.2.0, and 6.3.0 fail to properly invalidate user sessions when a browser is closed. This allows an authenticated attacker who gains access to ...

CVE-2024-45653

MEDIUM CVSS 4.3 Jan 19, 2025

IBM Sterling Connect:Direct Web Services versions 6.0-6.3 expose sensitive IP address information to authenticated users in API responses. This information disclosure vulnerability could enable attack...

CVE-2024-39745

MEDIUM CVSS 5.9 Aug 22, 2024

IBM Sterling Connect:Direct Web Services uses weak cryptographic algorithms that could allow attackers to decrypt sensitive data transmitted by the application. This affects versions 6.0 through 6.3 o...