CVE-2020-4434

Certain IBM Aspera applications are vulnerable to buffer overflow based on the product configuration and valid authentication, which could allow an attacker with intimate knowledge of the system to execute arbitrary code or perform a denial-of-service (DoS) through the http fallback service. IBM X-Force ID: 180900.
References
Advertisement

NeevaHost hosting service

Configurations

Configuration 1 (hide)

OR cpe:2.3:a:ibm:aspera_application_platform_on_demand:*:*:*:*:*:*:*:*
cpe:2.3:a:ibm:aspera_faspex_on_demand:*:*:*:*:*:*:*:*
cpe:2.3:a:ibm:aspera_high-speed_transfer_endpoint:*:*:*:*:*:*:*:*
cpe:2.3:a:ibm:aspera_high-speed_transfer_server:*:*:*:*:*:*:*:*
cpe:2.3:a:ibm:aspera_high-speed_transfer_server_for_cloud_pak_for_integration:*:*:*:*:*:*:*:*
cpe:2.3:a:ibm:aspera_proxy_server:*:*:*:*:*:*:*:*
cpe:2.3:a:ibm:aspera_server_on_demand:*:*:*:*:*:*:*:*
cpe:2.3:a:ibm:aspera_shares_on_demand:*:*:*:*:*:*:*:*
cpe:2.3:a:ibm:aspera_streaming:*:*:*:*:*:*:*:*
cpe:2.3:a:ibm:aspera_transfer_cluster_manager:*:*:*:*:*:*:*:*

Information

Published : 2020-06-10 06:15

Updated : 2020-06-15 12:06


NVD link : CVE-2020-4434

Mitre link : CVE-2020-4434


JSON object : View

CWE
CWE-120

Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')

Advertisement

dedicated server usa

Products Affected

ibm

  • aspera_shares_on_demand
  • aspera_transfer_cluster_manager
  • aspera_application_platform_on_demand
  • aspera_streaming
  • aspera_faspex_on_demand
  • aspera_high-speed_transfer_server
  • aspera_server_on_demand
  • aspera_high-speed_transfer_endpoint
  • aspera_high-speed_transfer_server_for_cloud_pak_for_integration
  • aspera_proxy_server