Lucene search
IBM3F396392652A099720C4218FB1BEB834179630AB9A9D956B85045A80C3B7D4E9HistoryFeb 28, 2020 - 1:38 a.m.
Security Bulletin: IBM Aspera Shares Web Application is affected by NGINX Vulnerabilities (CVE-2019-13067)
2020-02-2801:38:24
www.ibm.com
13
0.004 Low
EPSS
Percentile
73.4%
Summary
IBM Aspera Shares Web Application has addressed the following OpenSSL vulnerability.
Vulnerability Details
CVEID:CVE-2019-13067
**DESCRIPTION:**njs, used in NGINX, is vulnerable to a denial of service, caused by a buffer over-read in nxt_utf8_decode in nxt/nxt_utf8.c. By persuading a victim to open a specially-crafted file, a remote attacker could exploit this vulnerability to cause the application to crash.
CVSS Base score: 3.3
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/166358 for the current score.
CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L)
Affected Products and Versions
| Affected Product(s) | Version(s) |
|---|---|
| IBM Aspera Shares | 1.9.12 |
Remediation/Fixes
| Affected Product(s) | Version(s) |
|---|---|
| IBM Aspera Shares | 1.9.14 |
Workarounds and Mitigations
None
| CPE | Name | Operator | Version |
|---|---|---|---|
| ibm aspera | eq | 1.9.14 |
Related
checkpoint_advisories
checkpoint_advisories
NGINX NJS Buffer Overflow (CVE-2019-13067)
2020-05-17 00:00:00
cvelist
cvelist
CVE-2019-13067
2019-06-29 23:29:57
nvd
nvd
CVE-2019-13067
2019-06-30 00:15:11
prion
prion
Design/Logic Flaw
2019-06-30 00:15:00
osv
osv
CVE-2019-13067
2019-06-30 00:15:11
cve
cve
CVE-2019-13067
2019-06-30 00:15:11
ibm
ibm
0.004 Low
EPSS
Percentile
73.4%
Related for 3F396392652A099720C4218FB1BEB834179630AB9A9D956B85045A80C3B7D4E9