CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2025-36137

IBM Sterling Connect Direct for Unix 6.2.0.7 through 6.2.0.9 iFix004, 6.4.0.0 through 6.4.0.2 iFix001, and 6.3.0.2 through 6.3.0.5 iFix002 incorrectly assigns permissions for maintenance tasks to Control Center Director (CCD) users that could allow a privileged user to escalate their privileges further due to unnecessary privilege assignment for post update scripts.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.0

EPSS Ranking 15.0%

CVSS Severity

CVSS v3 Score 7.2

References

https://www.ibm.com/support/pages/node/7249678

Products affected by CVE-2025-36137

Ibm » Sterling Connect » Version: direct

cpe:2.3:a:ibm:sterling_connect:direct

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2025-36137

Products

Pricing

Contact Us