Ibm Sterling Connect:express For Unix
5 CVEs affecting Ibm Sterling Connect:express For Unix. Latest disclosed: 2024-03-04. Critical: 0, High: 1.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2023-32331 | High | 7.5 | 2024-03-04 | IBM Connect:Express for UNIX 1.5.0 is vulnerable to a buffer overflow that could allow a remote attacker to cause a denial of service through its browser UI… |
CVE-2023-29260 | Medium | 6.5 | 2023-07-19 | IBM Sterling Connect:Express for UNIX 1.5 is vulnerable to server-side request forgery (SSRF). This may allow an authenticated attacker to send unauthorized re… |
CVE-2023-26023 | Medium | 6.5 | 2023-07-19 | Planning Analytics Cartridge for Cloud Pak for Data 4.0 exposes sensitive information in logs which could lead an attacker to exploit this vulnerability to con… |
CVE-2021-38933 | Medium | 5.9 | 2023-07-19 | IBM Sterling Connect:Direct for UNIX 1.5 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive informatio… |
CVE-2023-29259 | Low | 3.7 | 2023-07-19 | IBM Sterling Connect:Express for UNIX 1.5 browser UI is vulnerable to attacks that rely on the use of cookies without the SameSite attribute. IBM X-Force ID… |