IBM Sterling Connect:Express for Microsoft Windows 3.1.0.0 through 3.1.0.22 uses an inadequate account lockout setting that could allow a remote attacker to brute force account credentials.
https://www.ibm.com/support/pages/node/7245761
Source: Mitre, NVD
Published: 2025-09-22
Updated: 2025-10-03
Base Score: 5.4
Vector: CVSS2#AV:N/AC:H/Au:N/C:C/I:N/A:N
Severity: Medium
Base Score: 5.9
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
EPSS: 0.00039