Filtered by vendor Ibm Subscriptions
Filtered by product Aspera Faspex Subscriptions
Total 27 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2022-22409 2 Ibm, Linux 2 Aspera Faspex, Linux Kernel 2024-11-21 5.3 Medium
IBM Aspera Faspex 5.0.5 could allow a remote attacker to gather sensitive information about the web application, caused by an insecure configuration. IBM X-Force ID: 222592.
CVE-2022-22405 2 Ibm, Linux 2 Aspera Faspex, Linux Kernel 2024-11-21 5.9 Medium
IBM Aspera Faspex 5.0.5 could allow a remote attacker to obtain sensitive information, caused by the failure to properly enable HTTP Strict Transport Security. An attacker could exploit this vulnerability to obtain sensitive information using man in the middle techniques. IBM X-Force ID: 222576.
CVE-2022-22402 2 Ibm, Linux 2 Aspera Faspex, Linux Kernel 2024-11-21 5.4 Medium
IBM Aspera Faspex 5.0.5 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 222571.
CVE-2022-22401 2 Ibm, Linux 2 Aspera Faspex, Linux Kernel 2024-11-21 5.9 Medium
IBM Aspera Faspex 5.0.5 could allow a remote attacker to gather or persuade a naive user to supply sensitive information. IBM X-Force ID: 222567.
CVE-2024-45098 1 Ibm 1 Aspera Faspex 2024-09-06 6.8 Medium
IBM Aspera Faspex 5.0.0 through 5.0.9 could allow a user to bypass intended access restrictions and conduct resource modification.
CVE-2024-45097 1 Ibm 1 Aspera Faspex 2024-09-06 5.9 Medium
IBM Aspera Faspex 5.0.0 through 5.0.9 could allow a user to bypass intended access restrictions and conduct resource modification.
CVE-2024-45096 1 Ibm 1 Aspera Faspex 2024-09-06 6.5 Medium
IBM Aspera Faspex 5.0.0 through 5.0.9 could allow a user with access to the package to obtain sensitive information through a directory listing.