CVE-2023-30995

Summary

CVE-2023-30995 is a vulnerability affecting IBM Aspera Faspex versions 4.0 to 4.4.2 and 5.0 to 5.0.5. Malicious actors can exploit this issue by sending a carefully crafted HTTP request to bypass IP whitelist restrictions, potentially gaining unauthorized access to the system (IBM X-Force ID: 254268). This vulnerability poses a significant risk to organizations using Aspera Faspex and emphasizes the importance of keeping software up to date to protect against such threats. The vulnerability in IBM Aspera Faspex (CVE-2023-30995) allows malicious actors to bypass IP whitelist restrictions through specially crafted HTTP requests. Exploiting this issue can lead to unauthorized access to the system, posing a considerable risk to organizations using the affected versions (IBM X-Force ID: 254268). To mitigate this threat, it's crucial to upgrade to the patched versions as soon as possible.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.