CVE-2023-27286

CVSS V2 None CVSS V3 None
Description
IBM Aspera Cargo 4.2.5 and IBM Aspera Connect 4.2.5 are vulnerable to a buffer overflow, caused by improper bounds checking. An attacker could overflow a buffer and execute arbitrary code on the system. IBM X-Force ID: 248616.
Overview
  • CVE ID
  • CVE-2023-27286
  • Assigner
  • psirt@us.ibm.com
  • Vulnerability Status
  • Analyzed
  • Published Version
  • 2023-04-02T21:15:08
  • Last Modified Date
  • 2023-04-08T01:59:50
CPE Configuration (Product)
CPE Vulnerable Operator Version Start Version End
cpe:2.3:a:ibm:aspera_cargo:*:*:*:*:*:*:*:* 1 OR 4.2.5
cpe:2.3:a:ibm:aspera_connect:*:*:*:*:*:*:*:* 1 OR 4.2.5
References
Reference URL Reference Tags
https://exchange.xforce.ibmcloud.com/vulnerabilities/248627 VDB Entry Vendor Advisory
https://www.ibm.com/support/pages/node/6966588 Patch Vendor Advisory
History
Created Old Value New Value Data Type Notes
2023-04-17 04:00:42 Added to TrackCVE
2023-04-17 04:00:45 Weakness Enumeration new