Aspera Connect Security Vulnerabilities and Issues — Aspera Connect CVE List

Lucene search

IbmAspera Connect

5 matches found

CVE•added 2020/09/04 2:15 p.m.•63 views

CVE-2020-4545

IBM Aspera Connect 3.9.9 could allow a remote attacker to execute arbitrary code on the system, caused by improper loading of Dynamic Link Libraries by the import feature. By persuading a victim to open a specially-crafted .DLL file, an attacker could exploit this vulnerability to execute arbitrary...

9.3CVSS7.7AI score0.01306EPSS

CVE•added 2023/04/02 9:15 p.m.•58 views

CVE-2023-27284

IBM Aspera Cargo 4.2.5 and IBM Aspera Connect 4.2.5 are vulnerable to a buffer overflow, caused by improper bounds checking. An attacker could overflow a buffer and execute arbitrary code on the system. IBM X-Force ID: 248616.

9.8CVSS9.3AI score0.00082EPSS

CVE•added 2023/04/02 9:15 p.m.•51 views

CVE-2023-27286

9.8CVSS9.3AI score0.00051EPSS

CVE•added 2023/06/05 12:15 a.m.•48 views

CVE-2023-27285

IBM Aspera Connect 4.2.5 and IBM Aspera Cargo 4.2.5 is vulnerable to a buffer overflow, caused by improper bounds checking. An attacker could overflow a buffer and execute arbitrary code on the system. IBM X-Force ID: 248625.

8.4CVSS8.1AI score0.00019EPSS

CVE•added 2023/06/05 12:15 a.m.•47 views

CVE-2023-22862

IBM Aspera Connect 4.2.5 and IBM Aspera Cargo 4.2.5 transmits authentication credentials, but it uses an insecure method that is susceptible to unauthorized interception and/or retrieval.

7.5CVSS6.6AI score0.00064EPSS