CVE-2020-4433

🗓️ 10 Jun 2020 12:57:53Reported by ibmType

IBM Aspera applications stack-based buffer overflow vulnerability

Reporter	Title	Published	Views	Family All 9
IBM Security Bulletins	Security Bulletin: Various vulnerabilities affecting certain Aspera applications (CVE-2020-4432, CVE-2020-4433, CVE-2020-4434, CVE-2020-4435, CVE-2020-4436)	21 Feb 202201:13	–	ibm
CNVD	Buffer Overflow Vulnerability in Multiple IBM Products (CNVD-2020-33143)	11 Jun 202000:00	–	cnvd
CNVD	Command Execution Vulnerability in Multiple IBM Products	11 Jun 202000:00	–	cnvd
CNVD	Buffer Overflow Vulnerability in Multiple IBM Products (CNVD-2020-33147)	11 Jun 202000:00	–	cnvd
Cvelist	CVE-2020-4433	10 Jun 202012:57	–	cvelist
EUVD	EUVD-2020-25680	7 Oct 202500:30	–	euvd
NVD	CVE-2020-4433	10 Jun 202013:15	–	nvd
OSV	CVE-2020-4433	10 Jun 202013:15	–	osv
Prion	Stack overflow	10 Jun 202013:15	–	prion

NVD

Vulners

Node

ibm aspera_application_platform_on_demandRange≤3.7.4

ibm aspera_faspex_on_demandRange≤3.7.4

ibm aspera_high-speed_transfer_endpointRange≤3.9.3

ibm aspera_high-speed_transfer_serverRange≤3.9.3

ibm aspera_high-speed_transfer_server_for_cloud_pak_for_integrationRange≤3.9.10

ibm aspera_proxy_serverRange≤1.4.3

ibm aspera_server_on_demandRange≤3.7.4

ibm aspera_shares_on_demandRange≤3.7.4

ibm aspera_streamingRange≤3.9.3

ibm aspera_transfer_cluster_managerRange≤1.3.1

[
  {
    "product": "Aspera Faspex On Demand",
    "vendor": "IBM",
    "versions": [
      {
        "status": "affected",
        "version": "3.7.4"
      }
    ]
  },
  {
    "product": "Aspera Server On Demand",
    "vendor": "IBM",
    "versions": [
      {
        "status": "affected",
        "version": "3.7.4"
      }
    ]
  },
  {
    "product": "Aspera High-Speed Transfer Server for Cloud Pak for Integration (CP4I)",
    "vendor": "IBM",
    "versions": [
      {
        "status": "affected",
        "version": "3.9.10"
      }
    ]
  },
  {
    "product": "Aspera High-Speed Transfer Endpoint",
    "vendor": "IBM",
    "versions": [
      {
        "status": "affected",
        "version": "3.9.3"
      }
    ]
  },
  {
    "product": "Aspera Streaming",
    "vendor": "IBM",
    "versions": [
      {
        "status": "affected",
        "version": "3.9.3"
      }
    ]
  },
  {
    "product": "Aspera Transfer Cluster Manager",
    "vendor": "IBM",
    "versions": [
      {
        "status": "affected",
        "version": "1.3.1"
      }
    ]
  },
  {
    "product": "Aspera High-Speed Transfer Server",
    "vendor": "IBM",
    "versions": [
      {
        "status": "affected",
        "version": "3.9.3"
      }
    ]
  },
  {
    "product": "Aspera Shares On Demand",
    "vendor": "IBM",
    "versions": [
      {
        "status": "affected",
        "version": "3.7.4"
      }
    ]
  },
  {
    "product": "Aspera Application Platform On Demand",
    "vendor": "IBM",
    "versions": [
      {
        "status": "affected",
        "version": "3.7.4"
      }
    ]
  },
  {
    "product": "Aspera Proxy Server",
    "vendor": "IBM",
    "versions": [
      {
        "status": "affected",
        "version": "1.4.3"
      }
    ]
  }
]

Source	Link
ibm	www.ibm.com/support/pages/node/6221324
exchange	www.exchange.xforce.ibmcloud.com/vulnerabilities/180814

21 Nov 2024 05:32Current

7.8High risk

Vulners AI Score7.8

CVSS 3.17.5

CVSS 29.3

CVSS 37.5

EPSS0.03738