PT-2026-3581 · Ibm · Sterling Connect:Direct For Unix Container
Published
2026-01-20
·
Updated
2026-01-20
·
CVE-2025-14115
CVSS v3.1
8.4
High
| Vector | AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
IBM Sterling Connect:Direct for UNIX Container versions 6.3.0.0 through 6.3.0.6 Interim Fix 016
IBM Sterling Connect:Direct for UNIX Container versions 6.4.0.0 through 6.4.0.3 Interim Fix 019
Description
The software contains hard-coded credentials, such as a password or cryptographic key, used for its own inbound authentication, outbound communication to external components, or encryption of internal data.
Recommendations
IBM Sterling Connect:Direct for UNIX Container versions 6.3.0.0 through 6.3.0.6 Interim Fix 016 should be updated.
IBM Sterling Connect:Direct for UNIX Container versions 6.4.0.0 through 6.4.0.3 Interim Fix 019 should be updated.
Fix
Using Hardcoded Credentials
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Sterling Connect:Direct For Unix Container