CVE-2025-14115

Summary

IBM Sterling Connect:Direct for UNIX Container 6.3.0.0 through 6.3.0.6 Interim Fix 016, and 6.4.0.0 through 6.4.0.3 Interim Fix 019 IBM® Sterling Connect:Direct for UNIX contains hard-coded credentials, such as a password or cryptographic key, which it uses for its own inbound authentication, outbound communication to external components, or encryption of internal data.

Affected Software

VendorProductVersion RangeStatus
IBMSterling Connect:Direct for UNIX Container6.3.0.0 <= 6.3.0.6 Interim Fix 016affected
IBMSterling Connect:Direct for UNIX Container6.4.0.0 <= 6.4.0.3 Interim Fix 019affected

Weaknesses

  • CWE-798: CWE-798 Use of Hard-coded Credentials

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: total

References