Ibm

Sterling Connect Direct User Interface

3 vulnerabilities found.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
5.4

CVE-2021-20560

  • EPSS 0.08%
  • Published 26.07.2021 12:15:08
  • Last modified 21.11.2024 05:46:46

IBM Sterling Connect:Direct Browser User Interface 1.4.1.1 and 1.5.0.2 could allow a remote attacker to hijack the clicking action of the victim. By persuading a victim to visit a malicious Web site, a remote attacker could exploit this vulnerability...

1.9

CVE-2013-0527

  • EPSS 0.06%
  • Published 21.06.2013 14:55:01
  • Last modified 11.04.2025 00:51:21

The Browser in IBM Sterling Connect:Direct 1.4 before 1.4.0.11 and 1.5 through 1.5.0.1 does not close pages upon the timeout of a session, which allows physically proximate attackers to obtain sensitive administrative-console information by reading t...

5

CVE-2013-0529

  • EPSS 0.23%
  • Published 21.06.2013 14:55:01
  • Last modified 11.04.2025 00:51:21

The Browser in IBM Sterling Connect:Direct 1.4 before 1.4.0.11 and 1.5 through 1.5.0.1 does not set the secure flag for the session cookie in an https session, which makes it easier for remote attackers to capture this cookie by intercepting its tran...