Ibm

Aspera Faspex

38 vulnerabilities found.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
3.3

CVE-2023-37395

  • EPSS 0.07%
  • Published 11.12.2024 03:15:04
  • Last modified 07.01.2025 21:10:50

IBM Aspera Faspex 5.0.0 through 5.0.7 could allow a local user to obtain sensitive information due to improper encryption of certain data.

8.1

CVE-2024-45098

  • EPSS 0.1%
  • Published 05.09.2024 16:15:08
  • Last modified 06.09.2024 13:01:44

IBM Aspera Faspex 5.0.0 through 5.0.9 could allow a user to bypass intended access restrictions and conduct resource modification.

7.1

CVE-2024-45097

  • EPSS 0.08%
  • Published 05.09.2024 16:15:08
  • Last modified 06.09.2024 12:51:59

IBM Aspera Faspex 5.0.0 through 5.0.9 could allow a user to bypass intended access restrictions and conduct resource modification.

6.5

CVE-2024-45096

  • EPSS 0.14%
  • Published 05.09.2024 16:15:07
  • Last modified 06.09.2024 12:34:17

IBM Aspera Faspex 5.0.0 through 5.0.9 could allow a user with access to the package to obtain sensitive information through a directory listing.

5.4

CVE-2023-37411

  • EPSS 0.07%
  • Published 28.05.2024 12:15:08
  • Last modified 14.01.2025 20:22:28

IBM Aspera Faspex 5.0.0 through 5.0.6 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure withi...

4.4

CVE-2023-37397

  • EPSS 0.03%
  • Published 19.04.2024 17:15:51
  • Last modified 21.11.2024 08:11:38

IBM Aspera Faspex 5.0.0 through 5.0.7 could allow a local user to obtain or modify sensitive information due to improper encryption of certain data. IBM X-Force ID: 259672.

6.5

CVE-2023-27279

  • EPSS 0.13%
  • Published 19.04.2024 17:15:51
  • Last modified 21.11.2024 07:52:34

IBM Aspera Faspex 5.0.0 through 5.0.7 could allow a user to cause a denial of service due to missing API rate limiting. IBM X-Force ID: 248533.

5.5

CVE-2022-40745

  • EPSS 0.04%
  • Published 19.04.2024 17:15:51
  • Last modified 21.11.2024 07:21:58

IBM Aspera Faspex 5.0.0 through 5.0.7 could allow a local user to obtain sensitive information due to weaker than expected security. IBM X-Force ID: 236452.

5.5

CVE-2023-37396

  • EPSS 0.03%
  • Published 19.04.2024 16:15:09
  • Last modified 19.12.2024 15:40:24

IBM Aspera Faspex 5.0.0 through 5.0.7 could allow a local user to obtain sensitive information due to improper encryption of certain data. IBM X-Force ID: 259671.

5.5

CVE-2023-22869

  • EPSS 0.05%
  • Published 19.04.2024 16:15:09
  • Last modified 19.12.2024 15:41:55

IBM Aspera Faspex 5.0.0 through 5.0.7 stores potentially sensitive information in log files that could be read by a local user. IBM X-Force ID: 244119.