Vulnerabilities > IBM > Aspera Faspex > 5.0.5
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-04-19 | CVE-2022-40745 | Inadequate Encryption Strength vulnerability in IBM Aspera Faspex IBM Aspera Faspex 5.0.0 through 5.0.7 could allow a local user to obtain sensitive information due to weaker than expected security. | 5.5 |
| 2024-04-19 | CVE-2023-27279 | Unspecified vulnerability in IBM Aspera Faspex IBM Aspera Faspex 5.0.0 through 5.0.7 could allow a user to cause a denial of service due to missing API rate limiting. | 6.5 |
| 2024-04-19 | CVE-2023-37397 | Inadequate Encryption Strength vulnerability in IBM Aspera Faspex IBM Aspera Faspex 5.0.0 through 5.0.7 could allow a local user to obtain or modify sensitive information due to improper encryption of certain data. | 4.4 |
| 2024-02-02 | CVE-2022-40744 | Cross-site Scripting vulnerability in IBM Aspera Faspex IBM Aspera Faspex 5.0.6 is vulnerable to stored cross-site scripting. | 5.4 |
| 2023-09-08 | CVE-2023-30995 | Incorrect Authorization vulnerability in IBM Aspera Faspex IBM Aspera Faspex 4.0 through 4.4.2 and 5.0 through 5.0.5 could allow a malicious actor to bypass IP whitelist restrictions using a specially crafted HTTP request. | 7.5 |