Aspera Faspex@* Security Vulnerabilities and Issues — Aspera Faspex@* CVE List

Lucene search

IbmAspera Faspex*

12 matches found

CVE•added 2024/04/19 5:15 p.m.•76 views

CVE-2023-27279

IBM Aspera Faspex 5.0.0 through 5.0.7 could allow a user to cause a denial of service due to missing API rate limiting. IBM X-Force ID: 248533.

6.5CVSS6.3AI score0.00132EPSS

CVE•added 2024/12/11 3:15 a.m.•60 views

CVE-2023-37395

IBM Aspera Faspex 5.0.0 through 5.0.7 could allow a local user to obtain sensitive information due to improper encryption of certain data.

3.3CVSS3.2AI score0.00046EPSS

CVE•added 2024/04/19 5:15 p.m.•60 views

CVE-2023-37397

IBM Aspera Faspex 5.0.0 through 5.0.7 could allow a local user to obtain or modify sensitive information due to improper encryption of certain data. IBM X-Force ID: 259672.

4.4CVSS5.7AI score0.00024EPSS

CVE•added 2024/04/19 4:15 p.m.•56 views

CVE-2023-22869

IBM Aspera Faspex 5.0.0 through 5.0.7 stores potentially sensitive information in log files that could be read by a local user. IBM X-Force ID: 244119.

5.5CVSS5.5AI score0.00034EPSS

CVE•added 2024/05/28 12:15 p.m.•51 views

CVE-2023-37411

IBM Aspera Faspex 5.0.0 through 5.0.6 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 260139.

5.4CVSS4.8AI score0.00068EPSS

CVE•added 2024/04/19 4:15 p.m.•47 views

CVE-2023-37396

IBM Aspera Faspex 5.0.0 through 5.0.7 could allow a local user to obtain sensitive information due to improper encryption of certain data. IBM X-Force ID: 259671.

5.5CVSS5.5AI score0.00019EPSS

CVE•added 2024/04/19 5:15 p.m.•41 views

CVE-2022-40745

IBM Aspera Faspex 5.0.0 through 5.0.7 could allow a local user to obtain sensitive information due to weaker than expected security. IBM X-Force ID: 236452.

5.5CVSS5.5AI score0.00026EPSS

CVE•added 2024/04/19 2:15 p.m.•41 views

CVE-2023-37400

IBM Aspera Faspex 5.0.0 through 5.0.7 could allow a local user to escalate their privileges due to insecure credential storage. IBM X-Force ID: 259677.

7.8CVSS6.4AI score0.00019EPSS

CVE•added 2024/09/05 4:15 p.m.•41 views

CVE-2024-45098

IBM Aspera Faspex 5.0.0 through 5.0.9 could allow a user to bypass intended access restrictions and conduct resource modification.

8.1CVSS6.8AI score0.00098EPSS

CVE•added 2024/09/05 4:15 p.m.•39 views

CVE-2024-45096

IBM Aspera Faspex 5.0.0 through 5.0.9 could allow a user with access to the package to obtain sensitive information through a directory listing.

6.5CVSS6.2AI score0.00141EPSS

CVE•added 2024/09/05 4:15 p.m.•39 views

CVE-2024-45097

IBM Aspera Faspex 5.0.0 through 5.0.9 could allow a user to bypass intended access restrictions and conduct resource modification.

7.1CVSS5.8AI score0.00078EPSS

CVE•added 2024/02/02 4:15 a.m.•33 views

CVE-2022-40744

IBM Aspera Faspex 5.0.6 is vulnerable to stored cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 236441.

5.4CVSS5.1AI score0.00055EPSS