CVE-2023-24965: IBM Aspera Faspex improper access control
First published: Tue Aug 29 2023(Updated: )
IBM Aspera Faspex 5.0.5 does not restrict or incorrectly restricts access to a resource from an unauthorized actor. IBM X-Force ID: 246713.
Credit: psirt@us.ibm.com psirt@us.ibm.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| IBM Aspera Faspex | <=5.0.5 | |
| Linux Linux kernel | ||
| <=5.0.5 and prior |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the vulnerability ID for this issue?
The vulnerability ID for this issue is CVE-2023-24965.
What is the severity level of CVE-2023-24965?
The severity level of CVE-2023-24965 is medium.
What is the affected software for this vulnerability?
The affected software for this vulnerability is IBM Aspera Faspex 5.0.5 and prior.
Is Linux Kernel vulnerable to this issue?
No, Linux Kernel is not vulnerable to this issue.
Where can I find more information about this vulnerability?
You can find more information about this vulnerability on the IBM X-Force ID page (https://exchange.xforce.ibmcloud.com/vulnerabilities/246713) and the IBM Support page (https://www.ibm.com/support/pages/node/7029681).
- collector/nvd-api
- collector/nvd-index
- agent/references
- agent/author
- agent/type
- agent/first-publish-date
- collector/mitre-cve
- source/MITRE
- agent/weakness
- agent/last-modified-date
- agent/remedy
- agent/severity
- agent/title
- agent/description
- agent/softwarecombine
- agent/tags
- agent/event
- collector/ibm-support
- source/IBM
- agent/software-canonical-lookup
- vendor/ibm
- canonical/ibm aspera faspex
- version/ibm aspera faspex/5.0.5
- vendor/linux
- canonical/linux linux kernel
- version/ibm aspera faspex/5.0.5 and prior