IBM Sterling Connect:Direct Web Services 6.0, 6.1, 6.2, and 6.3 uses default credentials for potentially critical functionality. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
IBM
Information Disclosure
Sterling Connect Direct Web Services
NVD
CVSS 3.1
9.8
EPSS
0.8%