IBM Aspera HSTS for CP4I 1.5.1 through 1.5.19 is affected by an authentication bypass vulnerability. A transfer client may be able to take advantage of this vulnerability to access files in the server's local storage that they should not have access to, when specific restriction settings are not in place.
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:NIBM Aspera High Speed Transfer Server For Cloud Pak For Integration
APPIbm1.5.1 – 1.5.20 (bez)
Related vulnerabilities
Certain IBM Aspera applications are vulnerable to command injection after valid authentication, which could al...
Certain IBM Aspera applications are vulnerable to a stack-based buffer overflow, caused by improper bounds che...
Certain IBM Aspera applications are vulnerable to buffer overflow based on the product configuration and valid...
Certain IBM Aspera applications are vulnerable to arbitrary memory corruption based on the product configurati...
Certain IBM Aspera applications are vulnerable to buffer overflow after valid authentication, which could allo...