Potential Security Vulnerability in IBM Aspera Faspex 5.0.0-5.0.9 Allows Unauthorized Access Restrictions Bypass
CVE-2024-45098

8.1HIGH

Key Information:

Vendor: IBM
Status: Aspera Faspex
Vendor: CVE Published:; 5 September 2024

Summary

IBM Aspera Faspex versions 5.0.0 through 5.0.9 are susceptible to a vulnerability where an attacker could potentially bypass established access restrictions. This weakness may enable unauthorized users to modify resources within the application, posing risks to data integrity and security. Organizations using affected versions are encouraged to review their security configurations and apply any necessary updates to mitigate potential impacts.

References

https://www.ibm.com/support/pages/node/7167255

CVSS V3.1

Score:

8.1

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Sep 5, 2024