VYPR
Unrated severityNVD Advisory· Published Jun 10, 2020· Updated Sep 16, 2024

CVE-2020-4435

CVE-2020-4435

Description

Certain IBM Aspera applications are vulnerable to arbitrary memory corruption based on the product configuration, which could allow an attacker with intimate knowledge of the system to execute arbitrary code or perform a denial-of-service (DoS) through the http fallback service. IBM X-Force ID: 180901.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

11
  • IBM/Asperallm-fuzzy
  • IBM/Aspera Application Platform On Demandv5
    Range: 3.7.4
  • IBM/Aspera Faspex On Demandv5
    Range: 3.7.4
  • IBM/Aspera High-Speed Transfercpe-rescue2 versions
    3.9.3+ 1 more
    • (no CPE)range: 3.9.3
    • (no CPE)range: 3.9.3
  • IBM/Aspera High-Speed Transfer Server for Cloud Pak for Integration (CP4I)v5
    Range: 3.9.10
  • IBM/Aspera Proxy Serverv5
    Range: 1.4.3
  • IBM/Aspera Server On Demandv5
    Range: 3.7.4
  • IBM/Aspera Sharescpe-rescue
    Range: 3.7.4
  • IBM/Aspera Streamingv5
    Range: 3.9.3
  • IBM/Aspera Transfer Cluster Managerv5
    Range: 1.3.1

Patches

Vulnerability mechanics

References

2

News mentions

0

No linked articles in our index yet.