Vulnerabilities > CVE-2023-37407 - Unspecified vulnerability in IBM Aspera Orchestrator 4.0.1

CVSS 8.8 - HIGH

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

LOW

Confidentiality impact

HIGH

Integrity impact

HIGH

Availability impact

HIGH

network

low complexity

ibm

NVD

Published: 2024-05-03

Updated: 2025-01-07

Summary

IBM Aspera Orchestrator 4.0.1 could allow a remote authenticated attacker to execute arbitrary commands on the system by sending a specially crafted request. IBM X-Force ID: 260116.

Vulnerable Configurations

Part	Description	Count
Application	Ibm IBM Aspera Orchestrator 4.0.1	1

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/260116
https://exchange.xforce.ibmcloud.com/vulnerabilities/260116
https://www.ibm.com/support/pages/node/7150117
https://www.ibm.com/support/pages/node/7150117