Aspera Connect Security Vulnerabilities and Issues — Aspera Connect CVE List

cve

CVE-2023-27285

IBM Aspera Connect 4.2.5 and IBM Aspera Cargo 4.2.5 is vulnerable to a buffer overflow, caused by improper bounds checking. An attacker could overflow a buffer and execute arbitrary code on the system. IBM X-Force ID: ...

7.8CVSS

7.8AI Score

0.0004EPSS

2023-06-05 12:15 AM

23

cve

CVE-2023-22862

IBM Aspera Connect 4.2.5 and IBM Aspera Cargo 4.2.5 transmits authentication credentials, but it uses an insecure method that is susceptible to unauthorized interception and/or retrieval. IBM X-Force ID: ...

7.5CVSS

7.3AI Score

0.001EPSS

2023-06-05 12:15 AM

24

cve

CVE-2023-27286

IBM Aspera Cargo 4.2.5 and IBM Aspera Connect 4.2.5 are vulnerable to a buffer overflow, caused by improper bounds checking. An attacker could overflow a buffer and execute arbitrary code on the system. IBM X-Force ID: ...

9.8CVSS

9.4AI Score

0.003EPSS

2023-04-02 09:15 PM

32

cve

CVE-2023-27284

IBM Aspera Cargo 4.2.5 and IBM Aspera Connect 4.2.5 are vulnerable to a buffer overflow, caused by improper bounds checking. An attacker could overflow a buffer and execute arbitrary code on the system. IBM X-Force ID: ...

9.8CVSS

9.4AI Score

0.003EPSS

2023-04-02 09:15 PM

32

cve

CVE-2020-4545

IBM Aspera Connect 3.9.9 could allow a remote attacker to execute arbitrary code on the system, caused by improper loading of Dynamic Link Libraries by the import feature. By persuading a victim to open a specially-crafted .DLL file, an attacker could exploit this vulnerability to execute...

7.8CVSS

7.6AI Score

0.003EPSS

2020-09-04 02:15 PM

16