PT-2023-21052 · Ibm · Ibm Aspera Connect+1
Published
2023-03-28
·
Updated
2023-04-08
·
CVE-2023-27286
CVSS v3.1
9.8
Critical
| Vector | AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
IBM Aspera Cargo version 4.2.5
IBM Aspera Connect version 4.2.5
Description
The issue is caused by improper bounds checking, leading to a buffer overflow. An attacker could exploit this to execute arbitrary code on the system.
Recommendations
For IBM Aspera Cargo version 4.2.5, update to a version that includes the fix for the buffer overflow issue.
For IBM Aspera Connect version 4.2.5, update to a version that includes the fix for the buffer overflow issue.
As a temporary workaround, consider restricting access to sensitive areas of the system to minimize the risk of exploitation.
Fix
Buffer Overflow
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Ibm Aspera Cargo
Ibm Aspera Connect