Bypassing Access Restrictions and Modifying Resources
CVE-2024-45097

7.1HIGH

Key Information:

Vendor: IBM
Status: Aspera Faspex
Vendor: CVE Published:; 5 September 2024

What is CVE-2024-45097?

IBM Aspera Faspex versions 5.0.0 through 5.0.9 are affected by a vulnerability that allows users to bypass intended access restrictions. This flaw can lead to unauthorized resource modification, potentially compromising the integrity of the data and operations managed through this application. The issue necessitates immediate attention to ensure secure access controls and protect sensitive information.

References

https://www.ibm.com/support/pages/node/7167255

CVSS V3.1

Score:

7.1

Severity:

HIGH

Confidentiality:

Low

Integrity:

High

Availability:

Low

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Sep 5, 2024