IBM Aspera Faspex 5.0.6

CPE Details

IBM Aspera Faspex 5.0.6
ibm
aspera_faspex
5.0.6
2024-04-08
14h42 +00:00
2024-04-08
14h42 +00:00
CPE NVD
Alerte pour un CPE
Stay informed of any changes for a specific CPE.
Notifications manage

CPE Name: cpe:2.3:a:ibm:aspera_faspex:5.0.6:*:*:*:*:*:*:*

Informations

Vendor

ibm

Product

aspera_faspex

Version

5.0.6

Related CVE

Open and find in CVE List

CVE ID Published Description Score Severity
CVE-2023-37413 2025-01-29 16h36 +00:00 IBM Aspera Faspex 5.0.0 through 5.0.10 could disclose sensitive username information due to an observable response discrepancy.
5.3
Medium
CVE-2023-37412 2025-01-29 16h34 +00:00 IBM Aspera Faspex 5.0.0 through 5.0.10 could allow a privileged user to make system changes without proper access controls.
4.9
Medium
CVE-2023-37395 2024-12-11 02h49 +00:00 IBM Aspera Faspex 5.0.0 through 5.0.7 could allow a local user to obtain sensitive information due to improper encryption of certain data.
3.3
Low
CVE-2024-45097 2024-09-05 15h35 +00:00 IBM Aspera Faspex 5.0.0 through 5.0.9 could allow a user to bypass intended access restrictions and conduct resource modification.
7.1
High
CVE-2024-45096 2024-09-05 15h34 +00:00 IBM Aspera Faspex 5.0.0 through 5.0.9 could allow a user with access to the package to obtain sensitive information through a directory listing.
6.5
Medium
CVE-2024-45098 2024-09-05 15h31 +00:00 IBM Aspera Faspex 5.0.0 through 5.0.9 could allow a user to bypass intended access restrictions and conduct resource modification.
8.1
High
CVE-2023-37411 2024-05-28 12h06 +00:00 IBM Aspera Faspex 5.0.0 through 5.0.6 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 260139.
5.4
Medium
CVE-2022-40745 2024-04-19 17h01 +00:00 IBM Aspera Faspex 5.0.0 through 5.0.7 could allow a local user to obtain sensitive information due to weaker than expected security. IBM X-Force ID: 236452.
5.5
Medium
CVE-2023-37397 2024-04-19 16h54 +00:00 IBM Aspera Faspex 5.0.0 through 5.0.7 could allow a local user to obtain or modify sensitive information due to improper encryption of certain data. IBM X-Force ID: 259672.
4.4
Medium
CVE-2023-27279 2024-04-19 16h39 +00:00 IBM Aspera Faspex 5.0.0 through 5.0.7 could allow a user to cause a denial of service due to missing API rate limiting. IBM X-Force ID: 248533.
6.5
Medium
CVE-2023-37396 2024-04-19 16h06 +00:00 IBM Aspera Faspex 5.0.0 through 5.0.7 could allow a local user to obtain sensitive information due to improper encryption of certain data. IBM X-Force ID: 259671.
5.5
Medium
CVE-2023-22869 2024-04-19 15h48 +00:00 IBM Aspera Faspex 5.0.0 through 5.0.7 stores potentially sensitive information in log files that could be read by a local user. IBM X-Force ID: 244119.
5.5
Medium
CVE-2023-37400 2024-04-19 14h02 +00:00 IBM Aspera Faspex 5.0.0 through 5.0.7 could allow a local user to escalate their privileges due to insecure credential storage. IBM X-Force ID: 259677.
7.8
High
CVE-2022-40744 2024-02-02 03h08 +00:00 IBM Aspera Faspex 5.0.6 is vulnerable to stored cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 236441.
5.4
Medium