Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
IBM Sterling Connect:Direct Web Services information disclosure
Vulnerability Description
IBM Sterling Connect:Direct Web Services 6.0, 6.1, 6.2, and 6.3 could allow a remote attacker to obtain sensitive information, caused by the failure to properly enable HTTP Strict Transport Security. An attacker could exploit this vulnerability to obtain sensitive information using man in the middle techniques.
CVSS Information
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
Vulnerability Type
敏感数据的明文传输
Vulnerability Title
IBM Sterling Connect:Direct Web Services 安全漏洞
Vulnerability Description
IBM Sterling Connect:Direct Web Services是美国国际商业机器(IBM)公司的一套基于文件的点对点文件传输解决方案。 IBM Sterling Connect:Direct Web Services 6.0版本、6.1版本、6.2版本和6.3版本存在安全漏洞,该漏洞源于未能正确启用HTTP严格传输安全,导致远程攻击者通过中间人技术获取敏感信息。
CVSS Information
N/A
Vulnerability Type
N/A