IBM » Aspera Connect : Security Vulnerabilities, CVEs,
IBM Aspera Cargo 4.2.5 and IBM Aspera Connect 4.2.5 are vulnerable to a buffer overflow, caused by improper bounds checking. An attacker could overflow a buffer and execute arbitrary code on the system. IBM X-Force ID: 248616.
Max CVSS
9.8
EPSS Score
0.22%
Published
2023-04-02
Updated
2023-04-08
IBM Aspera Connect 4.2.5 and IBM Aspera Cargo 4.2.5 is vulnerable to a buffer overflow, caused by improper bounds checking. An attacker could overflow a buffer and execute arbitrary code on the system. IBM X-Force ID: 248625.
Max CVSS
8.4
EPSS Score
0.04%
Published
2023-06-05
Updated
2023-06-09
IBM Aspera Cargo 4.2.5 and IBM Aspera Connect 4.2.5 are vulnerable to a buffer overflow, caused by improper bounds checking. An attacker could overflow a buffer and execute arbitrary code on the system. IBM X-Force ID: 248616.
Max CVSS
9.8
EPSS Score
0.22%
Published
2023-04-02
Updated
2023-04-07
IBM Aspera Connect 4.2.5 and IBM Aspera Cargo 4.2.5 transmits authentication credentials, but it uses an insecure method that is susceptible to unauthorized interception and/or retrieval. IBM X-Force ID: 244107.
Max CVSS
7.5
EPSS Score
0.07%
Published
2023-06-05
Updated
2023-06-09
IBM Aspera Connect 3.9.9 could allow a remote attacker to execute arbitrary code on the system, caused by improper loading of Dynamic Link Libraries by the import feature. By persuading a victim to open a specially-crafted .DLL file, an attacker could exploit this vulnerability to execute arbitrary code on the system. IBM X-Force ID: 183190.
Max CVSS
9.3
EPSS Score
0.30%
Published
2020-09-04
Updated
2020-09-09
5 vulnerabilities found