CVE-2023-35906

CVSS 3.1 Score 7.5 of 10 (high)

Details

Published Sep 5, 2023

Updated: Sep 8, 2023

CWE ID 348

CWE ID 345

Summary

CVE-2023-35906 is a vulnerability affecting IBM Aspera Faspex version 5.0.5. An attacker can exploit this issue to bypass IP restrictions, potentially gaining unauthorized access to the system. This vulnerability, identified as IBM X-Force ID 259649, arises due to improper access controls in place. It is essential for organizations using IBM Aspera Faspex to apply patches promptly to mitigate this risk. Failure to do so may expose the system to remote attacks.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

IBM Aspera Faspex

Affected Vendors

IBM Corporation

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/sf-L-M
https://www.cve.org/CVERecord?id=CVE-2023-35906
https://nvd.nist.gov/vuln/detail/CVE-2023-35906

Back to Vulnerability Database