Loading HuntDB...
Hunt
Vulnerability Intelligence by wss.sh
Home Daily Briefings High Impact CVEs Recent Exploits KEV Catalog GitHub Advisories Latest Updates Security News
Sign In Sign Up
ibm Aspera Faspex

Version 5.0.0

SEMANTIC 12 CVEs

Known Vulnerabilities

CVE-2023-37395

IBM Aspera Faspex 5.0.0 through 5.0.7 could allow a local user to obtain sensitive information due to improper encryption of certain data.

LOW CVSS 2.5 Published Dec 11, 2024

CVE-2024-45097

IBM Aspera Faspex 5.0.0 through 5.0.9 could allow a user to bypass intended access restrictions and conduct resource modification.

MEDIUM CVSS 5.9 Published Sep 05, 2024

CVE-2024-45096

IBM Aspera Faspex 5.0.0 through 5.0.9 could allow a user with access to the package to obtain sensitive information through a directory listing.

MEDIUM CVSS 6.5 Published Sep 05, 2024

CVE-2024-45098

IBM Aspera Faspex 5.0.0 through 5.0.9 could allow a user to bypass intended access restrictions and conduct resource modification.

MEDIUM CVSS 6.8 Published Sep 05, 2024

CVE-2023-37411

IBM Aspera Faspex 5.0.0 through 5.0.6 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 260139.

MEDIUM CVSS 4.8 Published May 28, 2024

CVE-2022-40745

IBM Aspera Faspex 5.0.0 through 5.0.7 could allow a local user to obtain sensitive information due to weaker than expected security. IBM X-Force ID: 236452.

MEDIUM CVSS 5.5 Published Apr 19, 2024

CVE-2023-37397

IBM Aspera Faspex 5.0.0 through 5.0.7 could allow a local user to obtain or modify sensitive information due to improper encryption of certain data. IBM X-Force ID: 259672.

LOW CVSS 3.6 Published Apr 19, 2024

CVE-2023-27279

IBM Aspera Faspex 5.0.0 through 5.0.7 could allow a user to cause a denial of service due to missing API rate limiting. IBM X-Force ID: 248533.

MEDIUM CVSS 6.5 Published Apr 19, 2024

CVE-2023-37396

IBM Aspera Faspex 5.0.0 through 5.0.7 could allow a local user to obtain sensitive information due to improper encryption of certain data. IBM X-Force ID: 259671.

LOW CVSS 2.5 Published Apr 19, 2024

CVE-2023-22869

IBM Aspera Faspex 5.0.0 through 5.0.7 stores potentially sensitive information in log files that could be read by a local user. IBM X-Force ID: 244119.

MEDIUM CVSS 5.5 Published Apr 19, 2024

CVE-2023-37400

IBM Aspera Faspex 5.0.0 through 5.0.7 could allow a local user to escalate their privileges due to insecure credential storage. IBM X-Force ID: 259677.

HIGH CVSS 7.8 Published Apr 19, 2024

CVE-2022-22497

IBM Aspera Faspex 4.4.1 and 5.0.0 could allow unauthorized access due to an incorrectly computed security token. IBM X-Force ID: 226951.

HIGH CVSS 7.5 Published May 24, 2022