Vulnerabilities > CVE-2023-27283 - Information Exposure Through Discrepancy vulnerability in IBM Aspera Orchestrator 4.0.1

047910
CVSS 5.3 - MEDIUM
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
LOW
Integrity impact
NONE
Availability impact
NONE
network
low complexity
ibm
CWE-203
NVD
Published: 2024-05-04
Updated: 2025-01-07

Summary

IBM Aspera Orchestrator 4.0.1 could allow a remote attacker to enumerate usernames due to observable response discrepancies. IBM X-Force ID: 248545.

Vulnerable Configurations

Part Description Count
Application
Ibm
1

Common Weakness Enumeration (CWE)

References