← back
CVE-2024-38316

IBM Aspera Shares Denial of Service

CVSS 4.3 MEDIUMEPSS 0.4%CWE-770
Vexday Risk Score
13Low
SSVC decision (CISA)
Track
No exploitation signal → monitor
CVSS 4.3EPSS 0.4%KEV nãoPoC Nuclei Metasploit Patch referenciado
Lifecycle
05 Feb 2025Published on NVD
Recommendation: Monitor — no exploitation signal at the moment.
IBM Aspera Shares 1.9.0 through 1.10.0 PL6 does not properly rate limit the frequency that an authenticated user can send emails, which could result in email flooding or a denial of service.
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
Affected products
IBM · Aspera Shares

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →