7.5 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
HIGH
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
IBM Aspera is an IBM FASP protocol-based fast file transfer and streaming solution from International Business Machines (IBM). IBM Aspera Faspex version 5.0.4 is vulnerable to an access control error, which stems from the existence of improper access control of the application. An authenticated attacker could exploit the vulnerability to change the credentials of other users.
CPE | Name | Operator | Version |
---|---|---|---|
ibm ibm aspera | eq | 5.0.4 |