VYPR

Aspera Connect

by IBM

CVEs (5)

  • CVE-2023-27285Jun 4, 2023
    risk 0.00cvss epss 0.00

    IBM Aspera Connect 4.2.5 and IBM Aspera Cargo 4.2.5 is vulnerable to a buffer overflow, caused by improper bounds checking. An attacker could overflow a buffer and execute arbitrary code on the system. IBM X-Force ID: 248625.

  • CVE-2023-22862Jun 4, 2023
    risk 0.00cvss epss 0.01

    IBM Aspera Connect 4.2.5 and IBM Aspera Cargo 4.2.5 transmits authentication credentials, but it uses an insecure method that is susceptible to unauthorized interception and/or retrieval.

  • CVE-2023-27286Mar 28, 2023
    risk 0.00cvss epss 0.01

    IBM Aspera Cargo 4.2.5 and IBM Aspera Connect 4.2.5 are vulnerable to a buffer overflow, caused by improper bounds checking. An attacker could overflow a buffer and execute arbitrary code on the system. IBM X-Force ID: 248616.

  • CVE-2023-27284Mar 28, 2023
    risk 0.00cvss epss 0.01

    IBM Aspera Cargo 4.2.5 and IBM Aspera Connect 4.2.5 are vulnerable to a buffer overflow, caused by improper bounds checking. An attacker could overflow a buffer and execute arbitrary code on the system. IBM X-Force ID: 248616.

  • CVE-2020-4545Sep 4, 2020
    risk 0.00cvss epss 0.03

    IBM Aspera Connect 3.9.9 could allow a remote attacker to execute arbitrary code on the system, caused by improper loading of Dynamic Link Libraries by the import feature. By persuading a victim to open a specially-crafted .DLL file, an attacker could exploit this vulnerability…