CVE-2020-4436
CVE-2020-4436
Vexday Risk Score
21Bajo
Decisión SSVC (CISA)
Track
Sin señal de explotación → monitorear
CVSS 8.8EPSS 3.1%KEV nãoPoC —Nuclei —Metasploit —Patch —
Ciclo de vida
10 jun 2020Publicada en NVD
Recomendación: Monitorear — sin señal de explotación por ahora.
Certain IBM Aspera applications are vulnerable to buffer overflow after valid authentication, which could allow an attacker with intimate knowledge of the system to execute arbitrary code through a service. IBM X-Force ID: 180902.
CVSS:3.0/AV:N/A:H/C:H/S:U/PR:L/AC:L/UI:N/I:H/RL:O/E:U/RC:C
Productos afectados
IBM · Aspera Application Platform On DemandIBM · Aspera Faspex On DemandIBM · Aspera High-Speed Transfer EndpointIBM · Aspera High-Speed Transfer ServerIBM · Aspera High-Speed Transfer Server for Cloud Pak for Integration (CP4I)IBM · Aspera Proxy ServerIBM · Aspera Server On DemandIBM · Aspera Shares On DemandIBM · Aspera StreamingIBM · Aspera Transfer Cluster Manager¿Quieres saber si tu infraestructura está expuesta a esto?
Hablar con TrueHacking →