Vulnerability Details CVE-2023-27286
IBM Aspera Cargo 4.2.5 and IBM Aspera Connect 4.2.5 are vulnerable to a buffer overflow, caused by improper bounds checking. An attacker could overflow a buffer and execute arbitrary code on the system. IBM X-Force ID: 248616.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 15.5%
CVSS Severity
CVSS v3 Score 8.4
References
Products affected by CVE-2023-27286
-
cpe:2.3:a:ibm:aspera_cargo:-
-
cpe:2.3:a:ibm:aspera_cargo:4.2.4
-
cpe:2.3:a:ibm:aspera_connect:-
-
cpe:2.3:a:ibm:aspera_connect:3.9.8
-
cpe:2.3:a:ibm:aspera_connect:3.9.9
-
cpe:2.3:a:ibm:aspera_connect:4.2.4