IBM Sterling Connect:Direct Web Services Identity Spoofing Vulnerability

Vulnerability

An identity spoofing vulnerability has been identified in IBM Sterling Connect:Direct Web Services versions 6.1.0, 6.2.0, and 6.3.0. This vulnerability could allow an authenticated user to impersonate another user by exploiting improper authorization, potentially bypassing access restrictions.

Impact

Exploitation of this vulnerability could lead to unauthorized identity impersonation, allowing users to bypass access controls and potentially gain unauthorized privileges or access to resources.

Added: Jun 9, 2025, 7:46 PM
Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm
spread: 3.1
impact: 1.3
exploitability: 5.2
remediation: 0.0
relevance: 0.0
threat: 0.0
urgency: 2.9
incentive: 1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.