IBM Support

IT47342: IBM STERLING CONNECT:DIRECT FOR MICROSOFT WINDOWS IS AFFECTED BY VULNERABILITIES IN POSTGRESQL

Direct links to fixes

6.3.0.6-IBMConnectDirectforMicrosoftWindows-x64-fp0006-if048
6.4.0.4-IBMConnectDirectforMicrosoftWindows-x64-fp0004-if020
6.3.0.6-IBMConnectDirectforMicrosoftWindows-x64-fp0006-if044
6.4.0.4-IBMConnectDirectforMicrosoftWindows-x64-fp0004-if015
6.2.0.8-IBMConnectDirectforMicrosoftWindows-x64-fp0008-if017
6.2.0.8-IBMConnectDirectforMicrosoftWindows-x64-fp0008-if016
6.4.0.4-IBMConnectDirectforMicrosoftWindows-x64-fp0004-if013
6.3.0.6-IBMConnectDirectforMicrosoftWindows-x64-fp0006-if041
6.3.0.6-IBMConnectDirectforMicrosoftWindows-x64-fp0006-if030
6.2.0.8-IBMConnectDirectforMicrosoftWindows-x64-fp0008-if011
6.4.0.4-IBMConnectDirectforMicrosoftWindows-x64-fp0004
6.2.0.8-IBMConnectDirectforMicrosoftWindows-x64-fp0008-if005
6.3.0.6-IBMConnectDirectforMicrosoftWindows-x64-fp0006-if017
6.4.0.3-IBMConnectDirectforMicrosoftWindows-x64-fp0003-if019
6.4.0.3-IBMConnectDirectforMicrosoftWindows-x64-fp0003-if007
6.2.0.8-IBMConnectDirectforMicrosoftWindows-x64-fp0008
6.3.0.6-IBMConnectDirectforMicrosoftWindows-x64-fp0006-if007
6.1.0.2-IBMConnectDirectforMicrosoftWindows-x64-fp0002-if095
6.2.0.6-IBMConnectDirectforMicrosoftWindows-x64-fp0006-if033
6.3.0.5-IBMConnectDirectforMicrosoftWindows-x64-fp0005
6.4.0.1-IBMConnectDirectforMicrosoftWindows-x64-fp0001
6.4.0.1-IBMConnectDirectforMicrosoftWindows-x64-fp0001-if006
6.3.0.5-IBMConnectDirectforMicrosoftWindows-x64-fp0005-if007
6.1.0.2-IBMConnectDirectforMicrosoftWindows-x64-fp0002-if100
6.2.0.6-IBMConnectDirectforMicrosoftWindows-x64-fp0006-if039
6.1.0.2-IBMConnectDirectforMicrosoftWindows-x64-fp0002-if103
6.2.0.6-IBMConnectDirectforMicrosoftWindows-x64-fp0006-if043
6.3.0.5-IBMConnectDirectforMicrosoftWindows-x64-fp0005-if011
6.4.0.1-IBMConnectDirectforMicrosoftWindows-x64-fp0001-if010
6.1.0.2-IBMConnectDirectforMicrosoftWindows-x64-fp0002-if104
6.2.0.6-IBMConnectDirectforMicrosoftWindows-x64-fp0006-if044
6.4.0.1-IBMConnectDirectforMicrosoftWindows-x64-fp0001-if011
6.3.0.5-IBMConnectDirectforMicrosoftWindows-x64-fp0005-if014
6.4.0.2-IBMConnectDirectforMicrosoftWindows-x64-fp0002
6.1.0.2-IBMConnectDirectforMicrosoftWindows-x64-fp0002-if106
6.2.0.6-IBMConnectDirectforMicrosoftWindows-x64-fp0006-if048
6.3.0.5-IBMConnectDirectforMicrosoftWindows-x64-fp0005-if021
6.4.0.2-IBMConnectDirectforMicrosoftWindows-x64-fp0002-if005.fo.xml
6.4.0.2-IBMConnectDirectforMicrosoftWindows-x64-fp0002-if005
6.3.0.5-IBMConnectDirectforMicrosoftWindows-x64-fp0005-if035
6.4.0.2-IBMConnectDirectforMicrosoftWindows-x64-fp0002-if019
6.2.0.7-IBMConnectDirectforMicrosoftWindows-x64-fp0007
6.4.0.3-IBMConnectDirectforMicrosoftWindows-x64-fp0003
6.3.0.6-IBMConnectDirectforMicrosoftWindows-x64-fp0006

Subscribe

You can track all active APARs for this component.

 

APAR status

  • Closed as program error.

Error description

  • IBM Sterling Connect:Direct for Microsoft Windows is affected by
a vulnerability in PostgreSQL.
Affected: CVE-2024-10976, CVE-2024-10977, CVE-2024-10978,
CVE-2024-10979

Local fix

  • STRMFT-16477
RJ / AS
Circumvention: None

Problem summary

  • Users Affected:
Sterling Connect:Direct for Windows 6.1.0
Sterling Connect:Direct for Windows 6.2.0
Sterling Connect:Direct for Windows 6.3.0
Sterling Connect:Direct for Windows 6.4.0


Problem Description:
IBM Sterling Connect:Direct for Microsoft Windows is affected by
multiple vulnerabilities in PostgreSQL.
Affected: CVE-2024-10976, CVE-2024-10977, CVE-2024-10978,
CVE-2024-10979


Platforms Affected:
Windows

Problem conclusion

  • Resolution Summary:
Updated PostgreSQL to version 13.18.


Delivered In:
Sterling Connect:Direct for Windows 6.1.0.2_iFix095
Sterling Connect:Direct for Windows 6.2.0.6_iFix033
Sterling Connect:Direct for Windows 6.3.0.4_iFix014
Sterling Connect:Direct for Windows 6.4.0.0_iFix004

Temporary fix

  • TBD

Comments

  • 



APAR Information




    

  • APAR number
    IT47342
    • 

  • Reported component name
    STR CD FOR WIND
    • 

  • Reported component ID
    5725C9908
    • 

  • Reported release
    630
    • 

  • Status
    CLOSED  PER
    • 

  • PE
    NoPE
    • 

  • HIPER
    NoHIPER
    • 

  • Special Attention
    NoSpecatt / Xsystem
    • 

  • Submitted date
    2024-11-29
    • 

  • Closed date
    2025-01-03
    • 

  • Last modified date
    2025-01-03
    • 





    

  • APAR is sysrouted FROM one or more of the following:
    

    • 

  • APAR is sysrouted TO one or more of the following:
    

    • 



Fix information


    

  • Fixed component name
    STR CD FOR WIND
    • 

  • Fixed component ID
    5725C9908
    • 



Applicable component levels


    








      
              
                            

              

              [{"Business Unit":{"code":"BU048","label":"IBM Software"},"Product":{"code":"SSRRVY","label":"Sterling Connect:Direct for Microsoft Windows"},"Platform":[{"code":"PF025","label":"Platform Independent"}],"Version":"630","Line of Business":{"code":"LOB77","label":"Automation Platform"}}]
              

                                                                    

          
 
        

      

    

      

        

          

            
Document Information


            

            


                        

            Modified date:
            

            22 April 2026
            

            
                      

        


        

        


      

    

  



    

  

  
    
            

          
Page Feedback