Skip to main content

Aspera Connect

5 CVEs product

Monthly

CVE-2023-27285 HIGH PATCH This Week

IBM Aspera Connect 4.2.5 and IBM Aspera Cargo 4.2.5 is vulnerable to a buffer overflow, caused by improper bounds checking. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Buffer Overflow RCE IBM Aspera Cargo Aspera Connect
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2023-22862 HIGH PATCH This Week

IBM Aspera Connect 4.2.5 and IBM Aspera Cargo 4.2.5 transmits authentication credentials, but it uses an insecure method that is susceptible to unauthorized interception and/or retrieval. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Authentication Bypass IBM Aspera Cargo Aspera Connect
NVD
CVSS 3.1
7.5
EPSS
0.5%
CVE-2023-27286 CRITICAL PATCH Act Now

IBM Aspera Cargo 4.2.5 and IBM Aspera Connect 4.2.5 are vulnerable to a buffer overflow, caused by improper bounds checking. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Buffer Overflow RCE IBM Aspera Cargo Aspera Connect
NVD
CVSS 3.1
9.8
EPSS
0.7%
CVE-2023-27284 CRITICAL PATCH Act Now

IBM Aspera Cargo 4.2.5 and IBM Aspera Connect 4.2.5 are vulnerable to a buffer overflow, caused by improper bounds checking. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Buffer Overflow RCE IBM Aspera Cargo Aspera Connect
NVD
CVSS 3.1
9.8
EPSS
0.7%
CVE-2020-4545 HIGH This Week

IBM Aspera Connect 3.9.9 could allow a remote attacker to execute arbitrary code on the system, caused by improper loading of Dynamic Link Libraries by the import feature. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

RCE IBM Aspera Connect
NVD
CVSS 3.1
7.8
EPSS
3.0%
EPSS 0% CVSS 7.8
HIGH PATCH This Week

IBM Aspera Connect 4.2.5 and IBM Aspera Cargo 4.2.5 is vulnerable to a buffer overflow, caused by improper bounds checking. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Buffer Overflow RCE IBM +2
NVD
EPSS 1% CVSS 7.5
HIGH PATCH This Week

IBM Aspera Connect 4.2.5 and IBM Aspera Cargo 4.2.5 transmits authentication credentials, but it uses an insecure method that is susceptible to unauthorized interception and/or retrieval. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Authentication Bypass IBM Aspera Cargo +1
NVD
EPSS 1% CVSS 9.8
CRITICAL PATCH Act Now

IBM Aspera Cargo 4.2.5 and IBM Aspera Connect 4.2.5 are vulnerable to a buffer overflow, caused by improper bounds checking. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Buffer Overflow RCE IBM +2
NVD
EPSS 1% CVSS 9.8
CRITICAL PATCH Act Now

IBM Aspera Cargo 4.2.5 and IBM Aspera Connect 4.2.5 are vulnerable to a buffer overflow, caused by improper bounds checking. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Buffer Overflow RCE IBM +2
NVD
EPSS 3% CVSS 7.8
HIGH This Week

IBM Aspera Connect 3.9.9 could allow a remote attacker to execute arbitrary code on the system, caused by improper loading of Dynamic Link Libraries by the import feature. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

RCE IBM Aspera Connect
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy