Skip to main content

Sterling Connect CVE-2016-5992

LOW
2016-11-25 psirt@us.ibm.com
2.5
CVSS 3.0 · NVD

Severity by source

NVD PRIMARY
2.5 LOW
AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L
Attack Vector
Local
Attack Complexity
High
Privileges Required
Low
User Interaction
None
Scope
Unchanged
Confidentiality
None
Integrity
None
Availability
Low

Lifecycle Timeline

1
CVE Published
Nov 25, 2016 - 03:59 cve.org
LOW 2.5

DescriptionCVE.org

IBM Sterling Connect:Direct 4.5.00, 4.5.01, 4.6.0 before 4.6.0.6 iFix008, and 4.7.0 before 4.7.0.4 on Windows allows local users to cause a denial of service via unspecified vectors.

AnalysisAI

IBM Sterling Connect:Direct 4.5.00, 4.5.01, 4.6.0 before 4.6.0.6 iFix008, and 4.7.0 before 4.7.0.4 on Windows allows local users to cause a denial of service via unspecified vectors. Rated low severity (CVSS 2.5).

Technical ContextAI

IBM Sterling Connect:Direct 4.5.00, 4.5.01, 4.6.0 before 4.6.0.6 iFix008, and 4.7.0 before 4.7.0.4 on Windows allows local users to cause a denial of service via unspecified vectors. Affected products include: Ibm Sterling Connect\. Version information: before 4.6.0.6.

RemediationAI

A vendor patch is available. Apply the latest security update as soon as possible. Apply vendor patches when available. Implement network segmentation and monitoring as interim mitigations.

CVE-2020-4587 HIGH
7.8 Aug 24

IBM Sterling Connect:Direct for UNIX 4.2.0, 4.3.0, 6.0.0, and 6.1.0 is vulnerable to a stack based buffer ovreflow, caus

CVE-2021-38891 HIGH
7.5 Nov 23

IBM Sterling Connect:Direct Web Services 1.0 and 6.0 uses weaker than expected cryptographic algorithms that could allow

CVE-2021-38890 HIGH
7.5 Nov 23

IBM Sterling Connect:Direct Web Services 1.0 and 6.0 uses an inadequate account lockout setting that could allow a remot

CVE-2020-4767 HIGH
7.5 Oct 28

IBM Sterling Connect Direct for Microsoft Windows 4.7, 4.8, 6.0, and 6.1 could allow a remote attacker to cause a denial

CVE-2013-2989 MEDIUM
6.8 May 28

The file-copying functionality in IBM Sterling Connect:Direct 3.8.00, 4.0.00, and 4.1.0 for UNIX on AIX 6.1 through 7.1

CVE-2023-29260 MEDIUM
5.4 Jul 19

IBM Sterling Connect:Express for UNIX 1.5 is vulnerable to server-side request forgery (SSRF). Rated medium severity (CV

CVE-2023-29259 MEDIUM
5.3 Jul 19

IBM Sterling Connect:Express for UNIX 1.5 browser UI is vulnerable to attacks that rely on the use of cookies without th

CVE-2012-6352 MEDIUM
5.0 Feb 02

The Session Manager in IBM Sterling Connect:Direct through 4.1.0.3 on UNIX allows remote attackers to cause a denial of

CVE-2016-5991 MEDIUM
4.5 Nov 25

IBM Sterling Connect:Direct 4.5.00, 4.5.01, 4.6.0 before 4.6.0.6 iFix008, and 4.7.0 before 4.7.0.4 on Windows allows loc

CVE-2016-0380 LOW
3.3 Aug 08

IBM Sterling Connect:Direct for Unix 4.1.0 before 4.1.0.4 iFix073 and 4.2.0 before 4.2.0.4 iFix003 uses default file per

CVE-2025-36064 MEDIUM
5.9 Sep 22

IBM Sterling Connect:Express for Microsoft Windows 3.1.0.0 through 3.1.0.22 uses an inadequate account lockout setting t

Share

CVE-2016-5992 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy