IBM Sterling Connect:Direct for UNIX Container Hard-Coded Credentials Vulnerability
Vulnerability
A vulnerability exists in IBM Sterling Connect:Direct for UNIX Container versions 6.3.0.0 through 6.3.0.6 Interim Fix 016, and 6.4.0.0 through 6.4.0.3 Interim Fix 019, due to hard-coded credentials used for inbound authentication, outbound communication, and internal data encryption. This vulnerability could be exploited by leveraging the embedded credentials for unauthorized access or communication.
Impact
The hard-coded credentials could be exploited to bypass authentication or authorization mechanisms, potentially leading to unauthorized access or actions within the application or its components.
Remediation
Users are advised to upgrade to IBM Sterling Connect:Direct for UNIX Container version 6.3.0.6_iFix017 or 6.4.0.4, depending on their current version. Instructions for downloading the updated version are available on the IBM Support website.
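As an added example (not IBM tooling and not part of the original advisory), the following Python sketch classifies reported Connect:Direct for UNIX Container version strings against the affected ranges and fixed levels stated above. It assumes versions are reported in one of the two spellings the advisory uses ("6.3.0.6_iFix017" or "6.3.0.6 Interim Fix 016"). The deployment names and sample versions are constructed for illustration.

```python
import re

# Ranges and fixed levels exactly as stated in the advisory text above.
# Key: release line (v, r, m). Levels are (fix pack, interim fix) tuples.
ADVISORY = {
    (6, 3, 0): {"last_affected": (6, 16), "first_fixed": (6, 17), "target": "6.3.0.6_iFix017"},
    (6, 4, 0): {"last_affected": (3, 19), "first_fixed": (4, 0), "target": "6.4.0.4"},
}

# Accepts both spellings used in the advisory: "6.3.0.6_iFix017" and
# "6.3.0.6 Interim Fix 016". A missing interim fix is treated as level 0.
_VERSION_RE = re.compile(
    r"^\s*(\d+)\.(\d+)\.(\d+)\.(\d+)(?:[\s_-]*(?:iFix|Interim Fix)\s*(\d+))?\s*$",
    re.IGNORECASE,
)

def parse_version(text):
    m = _VERSION_RE.match(text)
    if not m:
        raise ValueError(f"unrecognized version string: {text!r}")
    v, r, mod, fix_pack = (int(g) for g in m.groups()[:4])
    return (v, r, mod), (fix_pack, int(m.group(5) or 0))

def classify(text):
    """Return (status, upgrade_target) for one reported version string."""
    line, level = parse_version(text)
    entry = ADVISORY.get(line)
    if entry is None:
        return "not-listed", None          # release line the advisory does not mention
    if level <= entry["last_affected"]:
        return "affected", entry["target"]
    if level >= entry["first_fixed"]:
        return "fixed", None
    return "not-listed", None              # a level between the two stated bounds

def triage(inventory):
    """Map each deployment name to its classification; bad strings are flagged, not dropped."""
    report = {}
    for name, version in inventory.items():
        try:
            report[name] = classify(version)
        except ValueError:
            report[name] = ("unparsed", None)
    return report

# Constructed sample inventory (deployment names and versions are hypothetical).
SAMPLE = {"cd-prod-a": "6.3.0.6 Interim Fix 016", "cd-prod-b": "6.4.0.4",
          "cd-test": "6.4.0.3_iFix020", "cd-old": "unknown"}

if __name__ == "__main__":
    for name, result in triage(SAMPLE).items():
        print(name, *result)
```

Versions that fall outside what the advisory states, such as another release line or a level between the last affected and first fixed bounds, are reported as "not-listed" rather than assumed safe, so they can be checked against the vendor bulletin.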
