Ibm

Aspera Connect

5 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
7.5

CVE-2023-22862

  • EPSS 0.06%
  • Veröffentlicht 05.06.2023 00:15:09
  • Zuletzt bearbeitet 21.11.2024 07:45:32

IBM Aspera Connect 4.2.5 and IBM Aspera Cargo 4.2.5 transmits authentication credentials, but it uses an insecure method that is susceptible to unauthorized interception and/or retrieval.

7.8

CVE-2023-27285

  • EPSS 0.02%
  • Veröffentlicht 05.06.2023 00:15:09
  • Zuletzt bearbeitet 21.11.2024 07:52:35

IBM Aspera Connect 4.2.5 and IBM Aspera Cargo 4.2.5 is vulnerable to a buffer overflow, caused by improper bounds checking. An attacker could overflow a buffer and execute arbitrary code on the system. IBM X-Force ID: 248625.

9.8

CVE-2023-27284

  • EPSS 0.08%
  • Veröffentlicht 02.04.2023 21:15:08
  • Zuletzt bearbeitet 21.11.2024 07:52:34

IBM Aspera Cargo 4.2.5 and IBM Aspera Connect 4.2.5 are vulnerable to a buffer overflow, caused by improper bounds checking. An attacker could overflow a buffer and execute arbitrary code on the system. IBM X-Force ID: 248616.

9.8

CVE-2023-27286

  • EPSS 0.05%
  • Veröffentlicht 02.04.2023 21:15:08
  • Zuletzt bearbeitet 21.11.2024 07:52:35

IBM Aspera Cargo 4.2.5 and IBM Aspera Connect 4.2.5 are vulnerable to a buffer overflow, caused by improper bounds checking. An attacker could overflow a buffer and execute arbitrary code on the system. IBM X-Force ID: 248616.

9.3

CVE-2020-4545

  • EPSS 0.97%
  • Veröffentlicht 04.09.2020 14:15:11
  • Zuletzt bearbeitet 21.11.2024 05:32:52

IBM Aspera Connect 3.9.9 could allow a remote attacker to execute arbitrary code on the system, caused by improper loading of Dynamic Link Libraries by the import feature. By persuading a victim to open a specially-crafted .DLL file, an attacker coul...