Ibm

Sterling Connect Direct User Interface

3 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
5.4

CVE-2021-20560

  • EPSS 0.08%
  • Veröffentlicht 26.07.2021 12:15:08
  • Zuletzt bearbeitet 21.11.2024 05:46:46

IBM Sterling Connect:Direct Browser User Interface 1.4.1.1 and 1.5.0.2 could allow a remote attacker to hijack the clicking action of the victim. By persuading a victim to visit a malicious Web site, a remote attacker could exploit this vulnerability...

1.9

CVE-2013-0527

  • EPSS 0.06%
  • Veröffentlicht 21.06.2013 14:55:01
  • Zuletzt bearbeitet 11.04.2025 00:51:21

The Browser in IBM Sterling Connect:Direct 1.4 before 1.4.0.11 and 1.5 through 1.5.0.1 does not close pages upon the timeout of a session, which allows physically proximate attackers to obtain sensitive administrative-console information by reading t...

5

CVE-2013-0529

  • EPSS 0.23%
  • Veröffentlicht 21.06.2013 14:55:01
  • Zuletzt bearbeitet 11.04.2025 00:51:21

The Browser in IBM Sterling Connect:Direct 1.4 before 1.4.0.11 and 1.5 through 1.5.0.1 does not set the secure flag for the session cookie in an https session, which makes it easier for remote attackers to capture this cookie by intercepting its tran...