CVE-2020-4432
CVE-2020-4432
Certain IBM Aspera applications are vulnerable to command injection after valid authentication, which could allow an attacker with intimate knowledge of the system to execute commands in a SOAP API. IBM X-Force ID: 180810.
CVSS:3.0/C:H/A:H/AV:N/PR:L/S:U/I:H/AC:H/UI:N/RC:C/E:U/RL:O
Productos afectados
IBM · Aspera Application Platform On DemandIBM · Aspera Faspex On DemandIBM · Aspera High-Speed Transfer EndpointIBM · Aspera High-Speed Transfer ServerIBM · Aspera High-Speed Transfer Server for Cloud Pak for Integration (CP4I)IBM · Aspera Proxy ServerIBM · Aspera Server On DemandIBM · Aspera Shares On DemandIBM · Aspera StreamingIBM · Aspera Transfer Cluster Manager¿Quieres saber si tu infraestructura está expuesta a esto?
Hablar con TrueHacking →