CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2020-4545

IBM Aspera Connect 3.9.9 could allow a remote attacker to execute arbitrary code on the system, caused by improper loading of Dynamic Link Libraries by the import feature. By persuading a victim to open a specially-crafted .DLL file, an attacker could exploit this vulnerability to execute arbitrary code on the system. IBM X-Force ID: 183190.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.01

EPSS Ranking 75.6%

CVSS Severity

CVSS v3 Score 7.8

CVSS v2 Score 9.3

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/183190
https://www.ibm.com/support/pages/node/6326537
https://exchange.xforce.ibmcloud.com/vulnerabilities/183190
https://www.ibm.com/support/pages/node/6326537

Products affected by CVE-2020-4545

Ibm » Aspera Connect » Version: N/A

cpe:2.3:a:ibm:aspera_connect:-
Ibm » Aspera Connect » Version: 3.9.8

cpe:2.3:a:ibm:aspera_connect:3.9.8
Ibm » Aspera Connect » Version: 3.9.9

cpe:2.3:a:ibm:aspera_connect:3.9.9

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2020-4545

Products

Pricing

Contact Us