CVE-2020-4436

Summary

Certain IBM Aspera applications are vulnerable to buffer overflow after valid authentication, which could allow an attacker with intimate knowledge of the system to execute arbitrary code through a service. IBM X-Force ID: 180902.

Affected Software

VendorProductVersion RangeStatus
IBMAspera Faspex On Demand3.7.4affected
IBMAspera High-Speed Transfer Server for Cloud Pak for Integration (CP4I)3.9.10affected
IBMAspera High-Speed Transfer Endpoint3.9.3affected
IBMAspera Streaming3.9.3affected
IBMAspera Server On Demand3.7.4affected
IBMAspera Shares On Demand3.7.4affected
IBMAspera Application Platform On Demand3.7.4affected
IBMAspera Transfer Cluster Manager1.3.1affected
IBMAspera High-Speed Transfer Server3.9.3affected
IBMAspera Proxy Server1.4.3affected

Weaknesses

  • Gain Privileges

ADP Enrichment

CVE Program Container

Additional References

References