Skip to main content

Aspera Faspex On Demand

5 CVEs product

Monthly

CVE-2020-4436 HIGH This Week

Certain IBM Aspera applications are vulnerable to buffer overflow after valid authentication, which could allow an attacker with intimate knowledge of the system to execute arbitrary code through a. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable. No vendor patch available.

Buffer Overflow RCE IBM Aspera Application Platform On Demand Aspera Faspex On Demand +8
NVD
CVSS 3.1
7.5
EPSS
3.1%
CVE-2020-4435 HIGH This Week

Certain IBM Aspera applications are vulnerable to arbitrary memory corruption based on the product configuration, which could allow an attacker with intimate knowledge of the system to execute. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable. No vendor patch available.

Buffer Overflow RCE IBM Memory Corruption Aspera Application Platform On Demand +9
NVD
CVSS 3.1
7.5
EPSS
1.6%
CVE-2020-4434 HIGH This Week

Certain IBM Aspera applications are vulnerable to buffer overflow based on the product configuration and valid authentication, which could allow an attacker with intimate knowledge of the system to. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable. No vendor patch available.

Buffer Overflow RCE IBM Aspera Application Platform On Demand Aspera Faspex On Demand +8
NVD
CVSS 3.1
7.5
EPSS
2.6%
CVE-2020-4433 HIGH This Week

Certain IBM Aspera applications are vulnerable to a stack-based buffer overflow, caused by improper bounds checking. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable. No vendor patch available.

Buffer Overflow RCE IBM Aspera Application Platform On Demand Aspera Faspex On Demand +8
NVD
CVSS 3.1
7.5
EPSS
5.1%
CVE-2020-4432 HIGH This Week

Certain IBM Aspera applications are vulnerable to command injection after valid authentication, which could allow an attacker with intimate knowledge of the system to execute commands in a SOAP API. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable. No vendor patch available.

IBM Command Injection Aspera Application Platform On Demand Aspera Faspex On Demand Aspera High Speed Transfer Endpoint +7
NVD
CVSS 3.1
7.5
EPSS
3.4%
EPSS 3% CVSS 7.5
HIGH This Week

Certain IBM Aspera applications are vulnerable to buffer overflow after valid authentication, which could allow an attacker with intimate knowledge of the system to execute arbitrary code through a. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable. No vendor patch available.

Buffer Overflow RCE IBM +10
NVD
EPSS 2% CVSS 7.5
HIGH This Week

Certain IBM Aspera applications are vulnerable to arbitrary memory corruption based on the product configuration, which could allow an attacker with intimate knowledge of the system to execute. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable. No vendor patch available.

Buffer Overflow RCE IBM +11
NVD
EPSS 3% CVSS 7.5
HIGH This Week

Certain IBM Aspera applications are vulnerable to buffer overflow based on the product configuration and valid authentication, which could allow an attacker with intimate knowledge of the system to. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable. No vendor patch available.

Buffer Overflow RCE IBM +10
NVD
EPSS 5% CVSS 7.5
HIGH This Week

Certain IBM Aspera applications are vulnerable to a stack-based buffer overflow, caused by improper bounds checking. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable. No vendor patch available.

Buffer Overflow RCE IBM +10
NVD
EPSS 3% CVSS 7.5
HIGH This Week

Certain IBM Aspera applications are vulnerable to command injection after valid authentication, which could allow an attacker with intimate knowledge of the system to execute commands in a SOAP API. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable. No vendor patch available.

IBM Command Injection Aspera Application Platform On Demand +9
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy