IBM Sterling Connect:Direct Web Services Sensitive IP Address Disclosure Vulnerability

Vulnerability

A vulnerability exists in IBM Sterling Connect:Direct Web Services versions 6.0, 6.1, 6.2, and 6.3, allowing authenticated users to access sensitive IP address information. This disclosure could be leveraged for further attacks against the system.

Impact

Exploitation of this vulnerability could lead to the unauthorized disclosure of sensitive IP address information, potentially facilitating additional attacks against the system.

Remediation

Users are advised to upgrade to IBM Sterling Connect:Direct Web Services version 6.3.0.10, available on Fix Central. No upgrade options are currently available for versions 6.1, 6.2, or 6.0.

Added: Jun 9, 2025, 7:46 PM
Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread: 3.1
impact: 2.5
exploitability: 5.2
remediation: 7.7
relevance: 0.0
threat: 0.0
urgency: 2.9
incentive: 1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.