Latest ibm aspera faspex Vulnerabilities

IBM-7111778
IBM Aspera Faspex<=5.0.6 and earlier
CVE-2022-40744
IBM Aspera Faspex cross-site scripting
IBM Aspera Faspex<=5.0.6 and earlier
IBM Aspera Faspex<5.0.7
IBM-7048851
IBM Aspera Faspex<=4.0 - 4.4.2 PL3
IBM Aspera Faspex<=5.0 - 5.0.5
IBM-7029681
IBM Aspera Faspex<=5.0.5 and prior
CVE-2022-22402
IBM Aspera Faspex 5.0.5 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially lea...
IBM Aspera Faspex<=5.0.5
Linux Linux kernel
IBM Aspera Faspex<=5.0.5 and prior
CVE-2022-22405
IBM Aspera Faspex 5.0.5 could allow a remote attacker to obtain sensitive information, caused by the failure to properly enable HTTP Strict Transport Security. An attacker could exploit this vulnerabi...
IBM Aspera Faspex<=5.0.5
Linux Linux kernel
IBM Aspera Faspex<=5.0.5 and prior
CVE-2023-22870
IBM Aspera Faspex 5.0.5 transmits sensitive information in cleartext which could be obtained by an attacker using man in the middle techniques. IBM X-Force ID: 244121.
IBM Aspera Faspex<=5.0.5
Linux Linux kernel
IBM Aspera Faspex<=5.0.5 and prior
CVE-2023-35906
IBM Aspera Faspex 5.0.5 could allow a remote attacked to bypass IP restrictions due to improper access controls. IBM X-Force ID: 259649.
IBM Aspera Faspex<=5.0.5
Linux Linux kernel
IBM Aspera Faspex<=5.0.5 and prior
CVE-2023-30995
IBM Aspera Faspex 4.0 through 4.4.2 and 5.0 through 5.0.5 could allow a malicious actor to bypass IP whitelist restrictions using a specially crafted HTTP request. IBM X-Force ID: 254268.
IBM Aspera Faspex<=5.0.5
Linux Linux kernel
IBM Aspera Faspex<=5.0.5 and prior
CVE-2022-22409
IBM Aspera Faspex 5.0.5 could allow a remote attacker to gather sensitive information about the web application, caused by an insecure configuration. IBM X-Force ID: 222592.
IBM Aspera Faspex<=5.0.5
Linux Linux kernel
IBM Aspera Faspex<=5.0.5 and prior
CVE-2022-22401
IBM Aspera Faspex 5.0.5 could allow a remote attacker to gather or persuade a naive user to supply sensitive information. IBM X-Force ID: 222567.
IBM Aspera Faspex<=5.0.5
Linux Linux kernel
IBM Aspera Faspex<=5.0.5 and prior
CVE-2023-24965
IBM Aspera Faspex 5.0.5 does not restrict or incorrectly restricts access to a resource from an unauthorized actor. IBM X-Force ID: 246713.
IBM Aspera Faspex<=5.0.5
Linux Linux kernel
IBM Aspera Faspex<=5.0.5 and prior
CVE-2023-27871
IBM Aspera Faspex could allow a remote attacker to obtain sensitive credential information for an external user, using a specially crafted SQL query.
IBM Aspera Faspex<=4.4.2
IBM Aspera Faspex=4.4.2-patch_level_1
IBM Aspera Faspex=4.4.2-patch_level_2
Linux Linux kernel
CVE-2023-27873
IBM Aspera Faspex could allow a remote authenticated attacker to obtain sensitive credential information using specially crafted XML input.
IBM Aspera Faspex<=4.4.2
IBM Aspera Faspex=4.4.2-patch_level_1
IBM Aspera Faspex=4.4.2-patch_level_2
Linux Linux kernel
CVE-2023-27874
IBM Aspera is vulnerable to an XML external entity injection (XXE) attack when processing XML data. A remote authenticated attacker could exploit this vulnerability to execute arbitrary commands.
IBM Aspera Faspex<=4.4.2
IBM Aspera Faspex=4.4.2-patch_level_1
IBM Aspera Faspex=4.4.2-patch_level_2
Linux Linux kernel
CVE-2023-27875
IBM Aspera Faspex 5.0.4 could allow a user to change other user's credentials due to improper access controls. IBM X-Force ID: 249847.
IBM Aspera Faspex=5.0.4
Linux Linux kernel
Microsoft Windows
CVE-2023-22868
IBM Aspera Faspex 4.4.1 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially lea...
IBM Aspera Faspex<=4.4.1
IBM Aspera Faspex=4.4.1-patch_level_1
Linux Linux kernel
Microsoft Windows
IBM-XFORCE-243512
IBM Aspera Faspex code execution
IBM Aspera Faspex<=4.4.2
IBM Aspera Faspex 4.4.2 Patch Level 1 and earlier
CVE-2022-47986
IBM Aspera Faspex Code Execution Vulnerability
IBM Aspera Faspex<=4.4.2
IBM Aspera Faspex 4.4.2 Patch Level 1 and earlier
IBM Aspera Faspex<=4.4.1
IBM Aspera Faspex=4.4.2
IBM Aspera Faspex=4.4.2-patch_level_1
Linux Linux kernel
and 2 more
CVE-2022-22497
IBM Aspera Faspex 4.4.1 and 5.0.0 could allow unauthorized access due to an incorrectly computed security token. IBM X-Force ID: 226951.
IBM Aspera Faspex=4.4.1
IBM Aspera Faspex=5.0.0

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2024 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203