PT-2025-38985 · Microsoft+1 · Windows+1
Published
2025-09-22
·
Updated
2025-09-22
·
CVE-2025-36064
CVSS v3.1
5.9
Medium
| Vector | AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N |
Name of the Vulnerable Software and Affected Versions
IBM Sterling Connect:Express for Microsoft Windows versions 3.1.0.0 through 3.1.0.22
Description
The software uses an inadequate account lockout setting. This could allow a remote attacker to attempt to brute force account credentials.
Recommendations
Update to a version beyond 3.1.0.22.
Fix
Improper Restriction of Excessive Authentication Attempts
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Ibm Sterling Connect:Express
Windows