Lucene search
IbmCVE-2024-45097HistorySep 05, 2024 - 4:15 p.m.
CVE-2024-45097
2024-09-0516:15:08
CWE-650
CWE-436
ibm
web.nvd.nist.gov
26
ibm
aspera
faspex
access restrictions
resource modification
CVSS3
7.1
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
LOW
Integrity Impact
HIGH
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:N
AI Score
5.7
Confidence
High
EPSS
0.001
Percentile
16.8%
IBM Aspera Faspex 5.0.0 through 5.0.9 could allow a user to bypass intended access restrictions and conduct resource modification.
Affected configurations
Node
ibmaspera_faspexRange5.0.0–5.0.10
| Vendor | Product | Version | CPE |
|---|---|---|---|
| ibm | aspera_faspex | * | cpe:2.3:a:ibm:aspera_faspex:*:*:*:*:*:*:*:* |
CNA Affected
[
{
"cpes": [
"cpe:2.3:a:ibm:aspera_faspex:5.0.0:*:*:*:*:*:*:*",
"cpe:2.3:a:ibm:aspera_faspex:5.0.9:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "Aspera Faspex",
"vendor": "IBM",
"versions": [
{
"lessThanOrEqual": "5.0.9",
"status": "affected",
"version": "5.0.0",
"versionType": "semver"
}
]
}
]References
Related
nvd
nvd
CVE-2024-45097
2024-09-05 16:15:08
cvelist
cvelist
CVE-2024-45097 IBM Aspera Faspex bypass security
2024-09-05 15:35:56
vulnrichment
vulnrichment
CVE-2024-45097 IBM Aspera Faspex bypass security
2024-09-05 15:35:56
CVSS3
7.1
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
LOW
Integrity Impact
HIGH
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:N
AI Score
5.7
Confidence
High
EPSS
0.001
Percentile
16.8%
Related for CVE-2024-45097