Memory corruption

2020-06-1013:15:00

PRIOn knowledge base

www.prio-n.com

7.8 High

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

45.6%

JSON

Certain IBM Aspera applications are vulnerable to arbitrary memory corruption based on the product configuration, which could allow an attacker with intimate knowledge of the system to execute arbitrary code or perform a denial-of-service (DoS) through the http fallback service. IBM X-Force ID: 180901.

CPENameOperatorVersion
aspera_application_platform_on_demandle3.7.4
aspera_faspex_on_demandle3.7.4
aspera_high-speed_transfer_endpointle3.9.3
aspera_high-speed_transfer_serverle3.9.3
aspera_high-speed_transfer_server_for_cloud_pak_for_integrationle3.9.10
aspera_proxy_serverle1.4.3
aspera_server_on_demandle3.7.4
aspera_shares_on_demandle3.7.4
aspera_streamingle3.9.3
aspera_transfer_cluster_managerle1.3.1

Name	Operator	Version
aspera_application_platform_on_demand	le	3.7.4
aspera_faspex_on_demand	le	3.7.4
aspera_high-speed_transfer_endpoint	le	3.9.3
aspera_high-speed_transfer_server	le	3.9.3
aspera_high-speed_transfer_server_for_cloud_pak_for_integration	le	3.9.10
aspera_proxy_server	le	1.4.3
aspera_server_on_demand	le	3.7.4
aspera_shares_on_demand	le	3.7.4
aspera_streaming	le	3.9.3
aspera_transfer_cluster_manager	le	1.3.1