← Back

CVE-2020-4767

nvd nist
Published: Oct 28, 2020Modified: Nov 21, 2024

JSON object

Loading...
7.5
Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Exploitability: 3.9 / Impact: 3.6
Source: NVD

Description

IBM Sterling Connect Direct for Microsoft Windows 4.7, 4.8, 6.0, and 6.1 could allow a remote attacker to cause a denial of service, caused by a buffer over-read. Bysending a specially crafted request, the attacker could cause the application to crash. IBM X-Force ID: 188906.

Affected (4)

Ibm
1 product
Sterling Connect\
Configuration A
4 vulnerable
Vulnerable SoftwareAffected Versions
Ibm
Sterling Connect\
From 4.7.0.0 to 4.7.0.7
Sterling Connect\
From 4.8.0.0 to 4.8.0.3
Sterling Connect\
From 6.0.0.0 to 6.0.0.4
Sterling Connect\
From 6.1.0.0 to 6.1.0.1

Related CWEs

CWE-125
Out-of-bounds Read
The product reads data past the end, or before the beginning, of the intended buffer.

References (4)

Source: psirt@us.ibm.com
VDB EntryVendor Advisory
Source: psirt@us.ibm.com
Vendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
VDB EntryVendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory

Timeline

No history available yet.