Ibm

Aspera Faspex

41 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
9.8

CVE-2023-35907

  • EPSS 0.06%
  • Veröffentlicht 29.01.2025 17:15:26
  • Zuletzt bearbeitet 04.03.2025 21:43:48

IBM Aspera Faspex 5.0.0 through 5.0.10 does not require that users should have strong passwords by default, which makes it easier for attackers to compromise user accounts.

9.8

CVE-2023-37398

  • EPSS 0.06%
  • Veröffentlicht 29.01.2025 17:15:26
  • Zuletzt bearbeitet 04.03.2025 21:43:48

IBM Aspera Faspex 5.0.0 through 5.0.10 does not require that users should have strong passwords by default, which makes it easier for attackers to compromise user accounts.

4.9

CVE-2023-37412

  • EPSS 0.05%
  • Veröffentlicht 29.01.2025 17:15:26
  • Zuletzt bearbeitet 04.03.2025 21:43:48

IBM Aspera Faspex 5.0.0 through 5.0.10 could allow a privileged user to make system changes without proper access controls.

3.3

CVE-2023-37395

  • EPSS 0.07%
  • Veröffentlicht 11.12.2024 03:15:04
  • Zuletzt bearbeitet 07.01.2025 21:10:50

IBM Aspera Faspex 5.0.0 through 5.0.7 could allow a local user to obtain sensitive information due to improper encryption of certain data.

8.1

CVE-2024-45098

  • EPSS 0.03%
  • Veröffentlicht 05.09.2024 16:15:08
  • Zuletzt bearbeitet 06.09.2024 13:01:44

IBM Aspera Faspex 5.0.0 through 5.0.9 could allow a user to bypass intended access restrictions and conduct resource modification.

7.1

CVE-2024-45097

  • EPSS 0.02%
  • Veröffentlicht 05.09.2024 16:15:08
  • Zuletzt bearbeitet 06.09.2024 12:51:59

IBM Aspera Faspex 5.0.0 through 5.0.9 could allow a user to bypass intended access restrictions and conduct resource modification.

6.5

CVE-2024-45096

  • EPSS 0.11%
  • Veröffentlicht 05.09.2024 16:15:07
  • Zuletzt bearbeitet 06.09.2024 12:34:17

IBM Aspera Faspex 5.0.0 through 5.0.9 could allow a user with access to the package to obtain sensitive information through a directory listing.

5.4

CVE-2023-37411

  • EPSS 0.09%
  • Veröffentlicht 28.05.2024 12:15:08
  • Zuletzt bearbeitet 14.01.2025 20:22:28

IBM Aspera Faspex 5.0.0 through 5.0.6 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure withi...

5.5

CVE-2022-40745

  • EPSS 0.04%
  • Veröffentlicht 19.04.2024 17:15:51
  • Zuletzt bearbeitet 21.11.2024 07:21:58

IBM Aspera Faspex 5.0.0 through 5.0.7 could allow a local user to obtain sensitive information due to weaker than expected security. IBM X-Force ID: 236452.

4.4

CVE-2023-37397

  • EPSS 0.03%
  • Veröffentlicht 19.04.2024 17:15:51
  • Zuletzt bearbeitet 21.11.2024 08:11:38

IBM Aspera Faspex 5.0.0 through 5.0.7 could allow a local user to obtain or modify sensitive information due to improper encryption of certain data. IBM X-Force ID: 259672.