12 matches found
IBM Aspera Security Bypass Vulnerability (CNVD-2024-38533)
IBM Aspera is a set of fast file transfer and streaming solutions built on the IBM FASP protocol from International Business Machines IBM. A security bypass vulnerability exists in IBM Aspera versions 5.0.0 through 5.0.9, which can be exploited by an attacker to bypass intended access restriction...
IBM Aspera User Enumeration Vulnerability
IBM Aspera is a set of fast file transfer and streaming solutions built on the IBM FASP protocol from International Business Machines IBM. A user enumeration vulnerability exists in IBM Aspera Orchestrator version 4.0.1. The vulnerability stems from a significant difference between valid and...
IBM Aspera Connect and IBM Aspera Cargo Buffer Overflow Vulnerability
IBM Aspera is a set of fast file transfer and streaming solutions built on the IBM FASP protocol from International Business Machines IBM. A buffer overflow vulnerability exists in IBM Aspera Connect and IBM Aspera Cargo, which originates from a boundary check error and can be exploited by an...
IBM Aspera Cargo and IBM Aspera Connect Information Disclosure Vulnerability
IBM Aspera is a set of fast file transfer and streaming solutions built on the IBM FASP protocol from International Business Machines IBM. An information disclosure vulnerability exists in IBM Aspera Cargo and IBM Aspera Connect, which can be exploited by attackers to cause unauthorized...
IBM Aspera Faspex YAML deserialization
Added: 04/13/2023 Background IBM Aspera Faspex is a centralized, high-speed transfer solution using the FASP protocol. Problem A YAML deserialization vulnerability allows remote attackers to execute arbitrary commands by sending a POST request for relaypackage with specially crafted JSON content...
IBM Aspera Faspex YAML deserialization
Added: 04/13/2023 Background IBM Aspera Faspex is a centralized, high-speed transfer solution using the FASP protocol. Problem A YAML deserialization vulnerability allows remote attackers to execute arbitrary commands by sending a POST request for relaypackage with specially crafted JSON content...
IBM Aspera Cargo and IBM Aspera Connect Code Execution Vulnerability (CNVD-2023-76771)
IBM Aspera is a set of fast file transfer and streaming solutions built on the IBM FASP protocol from International Business Machines IBM. A code execution vulnerability exists in IBM Aspera Cargo and IBM Aspera Connect that originates from a boundary check error and can be exploited by an attack...
IBM Aspera Cargo and IBM Aspera Connect Code Execution Vulnerabilities
IBM Aspera is a set of fast file transfer and streaming solutions built on the IBM FASP protocol from International Business Machines IBM. A code execution vulnerability exists in IBM Aspera Cargo and IBM Aspera Connect that originates from a boundary check error and can be exploited by an attack...
IBM Aspera Faspex Cross-Site Scripting Vulnerability
IBM Aspera is an IBM FASP protocol-based fast file transfer and streaming solution from International Business Machines IBM. IBM Aspera Faspex version 4.4.1 contains a cross-site scripting vulnerability, which stems from a cross-site scripting vulnerability that could be exploited by an attacker ...
IBM Aspera Access Control Error Vulnerability
IBM Aspera is a set of fast file transfer and streaming solutions built on the IBM FASP protocol from the U.S. IBM Aspera Faspex versions 4.4.1 and 5.0.0 have an access control error vulnerability that stems from a miscalculated security token, which could be exploited by an attacker for...
IBM Aspera High-Speed Transfer信息泄露漏洞
IBM Aspera is a fast file transfer and streaming solution built on the IBM FASP protocol from IBM U.S.A. An information disclosure vulnerability exists in IBM Aspera High-Speed Transfer, which could be exploited by attackers to obtain information from non-sensitive operating system files to which...
IBM Aspera Cross-Site Scripting Vulnerability
IBM Aspera is a set of fast file transfer and streaming solutions built on the IBM FASP protocol from IBM U.S. A cross-site scripting vulnerability exists in IBM Aspera Cloud, which could be exploited by an attacker to embed arbitrary JavaScript code in the Web UI to alter the intended...