Vulnerabilities > IBM > Aspera Connect > High

DATE CVE VULNERABILITY TITLE RISK
2023-06-05 CVE-2023-22862 Unspecified vulnerability in IBM Aspera Cargo and Aspera Connect
IBM Aspera Connect 4.2.5 and IBM Aspera Cargo 4.2.5 transmits authentication credentials, but it uses an insecure method that is susceptible to unauthorized interception and/or retrieval.
network
low complexity
ibm
7.5
2023-06-05 CVE-2023-27285 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in IBM Aspera Cargo and Aspera Connect
IBM Aspera Connect 4.2.5 and IBM Aspera Cargo 4.2.5 is vulnerable to a buffer overflow, caused by improper bounds checking.
local
low complexity
ibm CWE-119
7.8
2020-09-04 CVE-2020-4545 Untrusted Search Path vulnerability in IBM Aspera Connect 3.9.8/3.9.9
IBM Aspera Connect 3.9.9 could allow a remote attacker to execute arbitrary code on the system, caused by improper loading of Dynamic Link Libraries by the import feature.
local
low complexity
ibm CWE-426
7.8