CVE-2020-4433 HIGH

CVE-2020-4433

Vendor Ibm
Product Aspera Faspex On Demand
Published June 10, 2020
Last update September 16, 2024

CVSS base score

7.5/10
Attack vector Network
Attack complexity High
Privileges required Low
User interaction None
Confidentiality High
Integrity High

CVSS vector

CVSS:3.0/AC:H/I:H/UI:N/PR:L/S:U/C:H/AV:N/A:H/RC:C/RL:O/E:U

What the vulnerability does

01Description

Certain IBM Aspera applications are vulnerable to a stack-based buffer overflow, caused by improper bounds checking. This could allow a remote attacker with intimate knowledge of the server to execute arbitrary code on the system with the privileges of root or cause server to crash. IBM X-Force ID: 180814.

Key dates

02Disclosure timeline

June 10, 2020 CVE published
September 16, 2024 Record updated