Vulnerabilities > CVE-2023-30995 - Incorrect Authorization vulnerability in IBM Aspera Faspex
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
NONE Integrity impact
HIGH Availability impact
NONE Summary
IBM Aspera Faspex 4.0 through 4.4.2 and 5.0 through 5.0.5 could allow a malicious actor to bypass IP whitelist restrictions using a specially crafted HTTP request. IBM X-Force ID: 254268.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 8 | |
OS | 1 |
Common Weakness Enumeration (CWE)
References
- https://exchange.xforce.ibmcloud.com/vulnerabilities/254268
- https://www.ibm.com/support/pages/node/7029681
- https://www.ibm.com/support/pages/node/7048851
- https://exchange.xforce.ibmcloud.com/vulnerabilities/254268
- https://www.ibm.com/support/pages/node/7048851
- https://www.ibm.com/support/pages/node/7029681