Lucene search
+L
IbmAspera Connect

5 matches found

CVE
CVE
added 2020/09/04 1:35 p.m.90 views

CVE-2020-4545

Summary of CVE-2020-4545 from provided documents: IBM Aspera Connect v3.9.9 and earlier is vulnerable to arbitrary code execution stemming from improper loading of Dynamic Link Libraries via the import feature. A victim who opens a specially crafted DLL can trigger code execution with the attacke...

9.3CVSS7.7AI score0.02996EPSS
CVE
CVE
added 2023/03/28 8:7 p.m.80 views

CVE-2023-27284

IBM Aspera Cargo 4.2.5 and IBM Aspera Connect 4.2.5 are affected by a buffer overflow caused by improper bounds checking. According to IBM and Red Hat/PRION entries, the vulnerability allows code execution on the system and is addressed by upgrading to version 4.2.5 (remediation included in the I...

9.8CVSS9.3AI score0.00656EPSS
CVE
CVE
added 2023/06/04 11:52 p.m.68 views

CVE-2023-27285

CVE-2023-27285 affects IBM Aspera Connect and IBM Aspera Cargo at versions up to 4.2.5, with a buffer overflow caused by improper bounds checking. The impact is potential arbitrary code execution on the target system. The vulnerability is addressed by IBM’s remediation: upgrading to version 4.2.6...

8.4CVSS8.1AI score0.00235EPSS
CVE
CVE
added 2023/03/28 8:7 p.m.65 views

CVE-2023-27286

CVE-2023-27286 affects IBM Aspera Cargo 4.2.5 and IBM Aspera Connect 4.2.5, with a buffer overflow caused by improper bounds checking in the affected components. The vulnerability could allow an attacker to overflow a buffer and execute arbitrary code on the system. Remediation is available in IB...

9.8CVSS9.3AI score0.00656EPSS
CVE
CVE
added 2023/06/04 11:42 p.m.63 views

CVE-2023-22862

CVE-2023-22862 affects IBM Aspera Connect 4.2.5 and IBM Aspera Cargo 4.2.5, where authentication credentials are transmitted using an insecure method that can lead to unauthorized interception and retrieval. The IBM Security Bulletin (B3AE4522A366582F82BAA72D23E6FD29726FC63DA16335263B492D5C25D88B...

7.5CVSS6.6AI score0.00545EPSS