Shodan
Vulnerabilities
Vulnerable Software
Ibm:  >> Aspera Faspex  >> 5.0.2  Security Vulnerabilities
CVE-2023-37398
IBM Aspera Faspex 5.0.0 through 5.0.10 does not require that users should have strong passwords by default, which makes it easier for attackers to compromise user accounts.
CVSS Score
5.9
EPSS Score
0.0
Published
2025-01-29
CVE-2023-37412
IBM Aspera Faspex 5.0.0 through 5.0.10 could allow a privileged user to make system changes without proper access controls.
CVSS Score
4.4
EPSS Score
0.0
Published
2025-01-29
CVE-2023-37413
IBM Aspera Faspex 5.0.0 through 5.0.10 could disclose sensitive username information due to an observable response discrepancy.
CVSS Score
5.3
EPSS Score
0.001
Published
2025-01-29
CVE-2023-37395
IBM Aspera Faspex 5.0.0 through 5.0.7 could allow a local user to obtain sensitive information due to improper encryption of certain data.
CVSS Score
2.5
EPSS Score
0.001
Published
2024-12-11
CVE-2024-45097
IBM Aspera Faspex 5.0.0 through 5.0.9 could allow a user to bypass intended access restrictions and conduct resource modification.
CVSS Score
5.9
EPSS Score
0.0
Published
2024-09-05
CVE-2024-45098
IBM Aspera Faspex 5.0.0 through 5.0.9 could allow a user to bypass intended access restrictions and conduct resource modification.
CVSS Score
6.8
EPSS Score
0.0
Published
2024-09-05
CVE-2024-45096
IBM Aspera Faspex 5.0.0 through 5.0.9 could allow a user with access to the package to obtain sensitive information through a directory listing.
CVSS Score
6.5
EPSS Score
0.001
Published
2024-09-05
CVE-2023-37411
IBM Aspera Faspex 5.0.0 through 5.0.6 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 260139.
CVSS Score
4.8
EPSS Score
0.001
Published
2024-05-28
CVE-2022-40745
IBM Aspera Faspex 5.0.0 through 5.0.7 could allow a local user to obtain sensitive information due to weaker than expected security. IBM X-Force ID: 236452.
CVSS Score
5.5
EPSS Score
0.0
Published
2024-04-19
CVE-2023-27279
IBM Aspera Faspex 5.0.0 through 5.0.7 could allow a user to cause a denial of service due to missing API rate limiting. IBM X-Force ID: 248533.
CVSS Score
6.5
EPSS Score
0.001
Published
2024-04-19


Products
Pricing
Contact Us

Shodan ® - All rights reserved