Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

Filtered by vendor Ibm Subscribe
Filtered by product Aspera Faspex On Demand
Total 5 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2020-4435 1 Ibm 10 Aspera Application Platform On Demand, Aspera Faspex On Demand, Aspera High-speed Transfer Endpoint and 7 more 2021-07-21 6.0 MEDIUM 7.5 HIGH
Certain IBM Aspera applications are vulnerable to arbitrary memory corruption based on the product configuration, which could allow an attacker with intimate knowledge of the system to execute arbitrary code or perform a denial-of-service (DoS) through the http fallback service. IBM X-Force ID: 180901.
CVE-2020-4432 1 Ibm 10 Aspera Application Platform On Demand, Aspera Faspex On Demand, Aspera High-speed Transfer Endpoint and 7 more 2021-07-21 6.0 MEDIUM 7.5 HIGH
Certain IBM Aspera applications are vulnerable to command injection after valid authentication, which could allow an attacker with intimate knowledge of the system to execute commands in a SOAP API. IBM X-Force ID: 180810.
CVE-2020-4433 1 Ibm 10 Aspera Application Platform On Demand, Aspera Faspex On Demand, Aspera High-speed Transfer Endpoint and 7 more 2021-07-21 9.3 HIGH 7.5 HIGH
Certain IBM Aspera applications are vulnerable to a stack-based buffer overflow, caused by improper bounds checking. This could allow a remote attacker with intimate knowledge of the server to execute arbitrary code on the system with the privileges of root or cause server to crash. IBM X-Force ID: 180814.
CVE-2020-4436 1 Ibm 10 Aspera Application Platform On Demand, Aspera Faspex On Demand, Aspera High-speed Transfer Endpoint and 7 more 2020-06-15 6.0 MEDIUM 7.5 HIGH
Certain IBM Aspera applications are vulnerable to buffer overflow after valid authentication, which could allow an attacker with intimate knowledge of the system to execute arbitrary code through a service. IBM X-Force ID: 180902.
CVE-2020-4434 1 Ibm 10 Aspera Application Platform On Demand, Aspera Faspex On Demand, Aspera High-speed Transfer Endpoint and 7 more 2020-06-15 6.0 MEDIUM 7.5 HIGH
Certain IBM Aspera applications are vulnerable to buffer overflow based on the product configuration and valid authentication, which could allow an attacker with intimate knowledge of the system to execute arbitrary code or perform a denial-of-service (DoS) through the http fallback service. IBM X-Force ID: 180900.