PT-2023-21051 · Ibm · Ibm Aspera Connect+1
Published
2023-06-04
·
Updated
2023-06-09
·
CVE-2023-27285
CVSS v3.1
8.4
High
| Vector | AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
IBM Aspera Connect version 4.2.5
IBM Aspera Cargo version 4.2.5
Description
The issue is caused by improper bounds checking, leading to a buffer overflow. An attacker could overflow a buffer and execute arbitrary code on the system.
Recommendations
For IBM Aspera Connect version 4.2.5, update to a version that fixes the buffer overflow issue.
For IBM Aspera Cargo version 4.2.5, update to a version that fixes the buffer overflow issue.
As a temporary workaround, consider restricting access to sensitive areas of the system to minimize the risk of exploitation.
Fix
Buffer Overflow
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Ibm Aspera Cargo
Ibm Aspera Connect