IBM » Aspera Connect : Security Vulnerabilities, CVEs,

CVE-2023-27286

IBM Aspera Cargo 4.2.5 and IBM Aspera Connect 4.2.5 are vulnerable to a buffer overflow, caused by improper bounds checking. An attacker could overflow a buffer and execute arbitrary code on the system. IBM X-Force ID: 248616.
Max CVSS
9.8
EPSS Score
0.22%
Published
2023-04-02
Updated
2023-04-08

CVE-2023-27285

IBM Aspera Connect 4.2.5 and IBM Aspera Cargo 4.2.5 is vulnerable to a buffer overflow, caused by improper bounds checking. An attacker could overflow a buffer and execute arbitrary code on the system. IBM X-Force ID: 248625.
Max CVSS
8.4
EPSS Score
0.04%
Published
2023-06-05
Updated
2023-06-09

CVE-2023-27284

IBM Aspera Cargo 4.2.5 and IBM Aspera Connect 4.2.5 are vulnerable to a buffer overflow, caused by improper bounds checking. An attacker could overflow a buffer and execute arbitrary code on the system. IBM X-Force ID: 248616.
Max CVSS
9.8
EPSS Score
0.22%
Published
2023-04-02
Updated
2023-04-07

CVE-2023-22862

IBM Aspera Connect 4.2.5 and IBM Aspera Cargo 4.2.5 transmits authentication credentials, but it uses an insecure method that is susceptible to unauthorized interception and/or retrieval. IBM X-Force ID: 244107.
Max CVSS
7.5
EPSS Score
0.07%
Published
2023-06-05
Updated
2023-06-09

CVE-2020-4545

IBM Aspera Connect 3.9.9 could allow a remote attacker to execute arbitrary code on the system, caused by improper loading of Dynamic Link Libraries by the import feature. By persuading a victim to open a specially-crafted .DLL file, an attacker could exploit this vulnerability to execute arbitrary code on the system. IBM X-Force ID: 183190.
Max CVSS
9.3
EPSS Score
0.30%
Published
2020-09-04
Updated
2020-09-09
5 vulnerabilities found
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!
Accept Close