Vulnerabilities > IBM > Aspera High Speed Transfer Endpoint > High

DATE CVE VULNERABILITY TITLE RISK
2020-06-10 CVE-2020-4436 Classic Buffer Overflow vulnerability in IBM products
Certain IBM Aspera applications are vulnerable to buffer overflow after valid authentication, which could allow an attacker with intimate knowledge of the system to execute arbitrary code through a service.
network
high complexity
ibm CWE-120
7.5
2020-06-10 CVE-2020-4435 Out-of-bounds Write vulnerability in IBM products
Certain IBM Aspera applications are vulnerable to arbitrary memory corruption based on the product configuration, which could allow an attacker with intimate knowledge of the system to execute arbitrary code or perform a denial-of-service (DoS) through the http fallback service.
network
high complexity
ibm CWE-787
7.5
2020-06-10 CVE-2020-4434 Classic Buffer Overflow vulnerability in IBM products
Certain IBM Aspera applications are vulnerable to buffer overflow based on the product configuration and valid authentication, which could allow an attacker with intimate knowledge of the system to execute arbitrary code or perform a denial-of-service (DoS) through the http fallback service.
network
high complexity
ibm CWE-120
7.5
2020-06-10 CVE-2020-4433 Out-of-bounds Write vulnerability in IBM products
Certain IBM Aspera applications are vulnerable to a stack-based buffer overflow, caused by improper bounds checking.
network
high complexity
ibm CWE-787
7.5
2020-06-10 CVE-2020-4432 Command Injection vulnerability in IBM products
Certain IBM Aspera applications are vulnerable to command injection after valid authentication, which could allow an attacker with intimate knowledge of the system to execute commands in a SOAP API.
network
high complexity
ibm CWE-77
7.5