3 matches found
CVE-2023-30995
IBM Aspera Faspex 4.0 through 4.4.2 and 5.0 through 5.0.5 could allow a malicious actor to bypass IP whitelist restrictions using a specially crafted HTTP request. IBM X-Force ID: 254268...
Security Bulletin: IBM Aspera Faspex has addressed an IP address restriction bypass vulnerability
Summary IBM Aspera Faspex could allow a malicious actor to bypass the whitelist IP check at user log in. This is not an unauthorized user access exploit. Vulnerability Details CVEID:CVE-2023-30995 DESCRIPTION: IBM Aspera Faspex 4.0 through 4.4.2 and 5.0 through 5.0.5 could allow a malicious actor...
CVE-2023-30995
CVE-2023-30995 affects IBM Aspera Faspex 4.0–4.4.2 and 5.0–5.0.5, where a malicious actor could bypass IP whitelist restrictions by sending a specially crafted HTTP request. The CVSS v3.1 score is 7.5 (HIGH); impact is confined to confidentiality none, integrity high, availability none, with netw...