VDB
CVE-2025-14115
CVE-2025-14115
PUBLISHED
CVSS 8.399999618530273 HIGH
IBM Sterling Connect:Direct for UNIX Container 6.3.0.0 through 6.3.0.6 Interim Fix 016, and 6.4.0.0 through 6.4.0.3 Interim Fix 019 IBM® Sterling Connect:Direct for UNIX contains hard-coded credentials, such as a password or cryptographic key, which it uses for its own inbound authentication, outbound communication to external components, or encryption of internal data.
EPSS 0.01% · 2.5th percentile
Risk Scores
CVSS 3.1
8.399999618530273
CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
EPSS Score
0.01%
2.5th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| IBM | Sterling Connect:Direct for UNIX Container | 6.3.0.0, 6.4.0.0, 6.3.0.0 |
Exploit Intelligence
- CIRCL seen: CVE-2025-14115 (circl-sighting)
- CIRCL seen: CVE-2025-14115 (circl-sighting)
- CIRCL seen: CVE-2025-14115 (circl-sighting)
- CIRCL seen: CVE-2025-14115 (circl-sighting)
- https://www.ibm.com/support/pages/node/7257143 (circl)
- cve-2025-14847.yar (github-yara)
- cve-2025-14847.yar (github-yara)
- cve-2025-14847.yar (github-yara)
- cve-2025-14847.yar (github-yara)
Timeline
- Jan 16, 2026 CVE Published
- Jan 16, 2026 PoC Published
- Jan 20, 2026 PoC Published
- Jan 20, 2026 PoC Published
- Jan 20, 2026 PoC Published
- Jan 21, 2026 EPSS Score
- Jan 21, 2026 PoC Published
- Jan 24, 2026 EPSS Score
- Jan 26, 2026 EPSS Score
- Jan 26, 2026 CVE Updated
- Jan 29, 2026 EPSS Score
- Feb 1, 2026 EPSS Score