216.73.217.139

CVE-2025-14115

· Published 20/01/2026 15:16 · Modified 20/01/2026 15:16

Labels: CVE-2025-14115 2026-01-20CVE-2025-14115CWE-798[email protected]

Essential information

Published
20/01/2026 15:16
Modified
20/01/2026 15:16
Author
Creator
CVSS
8.4 HIGH (v3.1)
CISA KEV
No
CWE
CVSS vector
CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CVSS metrics

Description

IBM Sterling Connect:Direct for UNIX Container 6.3.0.0 through 6.3.0.6 Interim Fix 016, and 6.4.0.0 through 6.4.0.3 Interim Fix 019 IBM® Sterling Connect:Direct for UNIX contains hard-coded credentials, such as a password or cryptographic key, which it uses for its own inbound authentication, outbound communication to external components, or encryption of internal data.

NVD status

Status
Received — CVE has been recently published to the CVE List and has been received by the NVD.
Source
[email protected]
NVD
View on NVD

Affected products (CPE)

ProductCPE
ibm / sterling connect cpe:2.3:a:ibm:sterling_connect:direct:6.3.0.0-6.3.0.6:*:*:*:*:*:*:*
ibm / sterling connect cpe:2.3:a:ibm:sterling_connect:direct:6.4.0.0-6.4.0.3:*:*:*:*:*:*:*

References