CVSS: 8.4EPSS: 0%CPEs: 2EXPL: 0CVE-2023-27285 – IBM Aspera buffer overflow
https://notcve.org/view.php?id=CVE-2023-27285
IBM Aspera Connect 4.2.5 and IBM Aspera Cargo 4.2.5 is vulnerable to a buffer overflow, caused by improper bounds checking. An attacker could overflow a buffer and execute arbitrary code on the system. IBM X-Force ID: 248625. IBM Aspera Connect v4.2.5 e IBM Aspera Cargo v4.2.5 son vulnerables a un desbordamiento de búfer, causado por una comprobación de límites incorrecta. Un atacante podría desbordar un búfer y ejecutar código arbitrario en el sistema. • https://exchange.xforce.ibmcloud.com/vulnerabilities/248625 https://www.ibm.com/support/pages/node/7001053 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 0CVE-2023-22862 – IBM Aspera information disclosure
https://notcve.org/view.php?id=CVE-2023-22862
IBM Aspera Connect 4.2.5 and IBM Aspera Cargo 4.2.5 transmits authentication credentials, but it uses an insecure method that is susceptible to unauthorized interception and/or retrieval. IBM X-Force ID: 244107. IBM Aspera Connect e IBM Aspera Cargo 4.2.5 transmite credenciales de autenticación, pero utiliza un método inseguro que es susceptible de ser interceptado y/o recuperado sin autorización. IBM X-Force ID: 244107 IBM Aspera Connect 4.2.5 and IBM Aspera Cargo 4.2.5 transmits authentication credentials, but it uses an insecure method that is susceptible to unauthorized interception and/or retrieval. • https://exchange.xforce.ibmcloud.com/vulnerabilities/244107 https://www.ibm.com/support/pages/node/7001053 • CWE-522: Insufficiently Protected Credentials CWE-523: Unprotected Transport of Credentials •
CVSS: 9.8EPSS: 0%CPEs: 2EXPL: 0CVE-2023-27286 – IBM Aspera code execution
https://notcve.org/view.php?id=CVE-2023-27286
IBM Aspera Cargo 4.2.5 and IBM Aspera Connect 4.2.5 are vulnerable to a buffer overflow, caused by improper bounds checking. An attacker could overflow a buffer and execute arbitrary code on the system. IBM X-Force ID: 248616. • https://exchange.xforce.ibmcloud.com/vulnerabilities/248627 https://www.ibm.com/support/pages/node/6966588 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.8EPSS: 0%CPEs: 2EXPL: 0CVE-2023-27284 – IBM Aspera code execution
https://notcve.org/view.php?id=CVE-2023-27284
IBM Aspera Cargo 4.2.5 and IBM Aspera Connect 4.2.5 are vulnerable to a buffer overflow, caused by improper bounds checking. An attacker could overflow a buffer and execute arbitrary code on the system. IBM X-Force ID: 248616. • https://exchange.xforce.ibmcloud.com/vulnerabilities/248616 https://www.ibm.com/support/pages/node/6966588 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •