Vulnerability Details CVE-2023-22862
IBM Aspera Connect 4.2.5 and IBM Aspera Cargo 4.2.5 transmits authentication credentials, but it uses an insecure method that is susceptible to unauthorized interception and/or retrieval.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 20.2%
CVSS Severity
CVSS v3 Score 5.9
References
Products affected by CVE-2023-22862
-
cpe:2.3:a:ibm:aspera_cargo:-
-
cpe:2.3:a:ibm:aspera_cargo:4.2.4
-
cpe:2.3:a:ibm:aspera_cargo:4.2.5
-
cpe:2.3:a:ibm:aspera_connect:-
-
cpe:2.3:a:ibm:aspera_connect:3.9.8
-
cpe:2.3:a:ibm:aspera_connect:3.9.9
-
cpe:2.3:a:ibm:aspera_connect:4.2.4
-
cpe:2.3:a:ibm:aspera_connect:4.2.5