CVE-2024-39747

Name of the Vulnerable Software and Affected Versions IBM Sterling Connect:Direct Web Services versions 6.0 through 6.3

Description The issue concerns the use of default credentials for potentially critical functionality in IBM Sterling Connect:Direct Web Services. This could pose a significant risk if exploited. There is no information provided about the estimated number of potentially affected devices worldwide or details about real-world incidents where this issue was exploited.

Recommendations For versions 6.0 through 6.3, upgrade the affected component immediately to mitigate the risk. As a temporary workaround, consider restricting access to components that use default credentials for critical functionality until a patch is available.