IBM Sterling Connect:Direct Web Services 6.0, 6.1, 6.2, and 6.3 could disclose sensitive IP address information to authenticated users in responses that could be used in further attacks against the system.
CVE ID: CVE-2024-45653
CVSS Base Severity: MEDIUM
CVSS Base Score: 4.3
Vendor: IBM
Product: Sterling Connect:Direct Web Services
EPSS Score: 0.05% (probability of being exploited)
EPSS Percentile: 16.43% (scored less or equal to compared to others)
EPSS Date: 2025-02-17 (when was this score calculated)