Vulnerabilities > IBM > Aspera Cargo > High

DATE CVE VULNERABILITY TITLE RISK
2023-06-05 CVE-2023-22862 Unprotected Transport of Credentials vulnerability in IBM Aspera Cargo and Aspera Connect
IBM Aspera Connect 4.2.5 and IBM Aspera Cargo 4.2.5 transmits authentication credentials, but it uses an insecure method that is susceptible to unauthorized interception and/or retrieval.
network
low complexity
ibm CWE-523
7.5
2023-06-05 CVE-2023-27285 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in IBM Aspera Cargo and Aspera Connect
IBM Aspera Connect 4.2.5 and IBM Aspera Cargo 4.2.5 is vulnerable to a buffer overflow, caused by improper bounds checking.
local
low complexity
ibm CWE-119
7.8