← Back

CVE-2024-39747

nvd nist
Published: Aug 31, 2024Modified: Sep 16, 2024

JSON object

Loading...
9.8
Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Exploitability: 3.9 / Impact: 5.9
Source: NVD

Description

IBM Sterling Connect:Direct Web Services 6.0, 6.1, 6.2, and 6.3 uses default credentials for potentially critical functionality.

Affected (3)

Ibm
1 product
Sterling Connect Direct Web Services
Configuration A
3 vulnerable · 3 platform
Vulnerable SoftwareAffected Versions
Ibm
Sterling Connect Direct Web Services
From 6.0.0.0 to 6.1.0.25
Sterling Connect Direct Web Services
From 6.2.0 to 6.2.0.24
Sterling Connect Direct Web Services
From 6.3.0 to 6.3.0.9
Running on/withPlatform Versions
Ibm
Aix
All versions
Linux
Linux Kernel
All versions
Microsoft
Windows
All versions

Related CWEs

CWE-1392
Use of Default Credentials
The product uses default credentials (such as passwords or cryptographic keys) for potentially critical functionality.

References (2)

Source: psirt@us.ibm.com
VDB EntryVendor Advisory
Source: psirt@us.ibm.com
Vendor Advisory

Timeline

No history available yet.