Описание
IBM Sterling Connect:Direct for OpenVMS 3.4.00, 3.4.01, 3.5.00, 3.6.0, and 3.6.0.1 allow remote attackers to have unspecified impact by leveraging failure to reject client requests for an unencrypted session when used as the server in a TCP/IP session and configured for SSL encryption with the client. IBM X-Force ID: 86138.
Ссылки
- VDB EntryVendor Advisory
- Vendor Advisory
- VDB EntryVendor Advisory
- Vendor Advisory
Уязвимые конфигурации
Конфигурация 1
Одно из
cpe:2.3:a:ibm:sterling_connect:3.4.0.0:*:*:*:*:*:*:*
cpe:2.3:a:ibm:sterling_connect:3.4.0.1:*:*:*:*:*:*:*
cpe:2.3:a:ibm:sterling_connect:3.5.0.0:*:*:*:*:*:*:*
cpe:2.3:a:ibm:sterling_connect:3.6.0:*:*:*:*:*:*:*
cpe:2.3:a:ibm:sterling_connect:3.6.0.1:*:*:*:*:*:*:*
EPSS
Процентиль: 20%
0.00062
Низкий
7.3 High
CVSS3
4.1 Medium
CVSS2
Дефекты
CWE-310
Связанные уязвимости
CVSS3: 7.3
github
больше 3 лет назад
IBM Sterling Connect:Direct for OpenVMS 3.4.00, 3.4.01, 3.5.00, 3.6.0, and 3.6.0.1 allow remote attackers to have unspecified impact by leveraging failure to reject client requests for an unencrypted session when used as the server in a TCP/IP session and configured for SSL encryption with the client. IBM X-Force ID: 86138.
EPSS
Процентиль: 20%
0.00062
Низкий
7.3 High
CVSS3
4.1 Medium
CVSS2
Дефекты
CWE-310