CVE-2023-37400

CVSS 3.1 Score 7.8 of 10 (high)

Details

Published Apr 19, 2024

CWE ID 522

Summary

CVE-2023-37400 is a vulnerability affecting IBM Aspera Faspex versions 5.0.0 through 5.0.7. This issue enables local users to escalate their privileges due to insecure credential storage. IBM's X-Force team has assigned ID 259677 to this vulnerability. By exploiting this weakness, attackers could potentially gain unauthorized access to sensitive information or take control of the affected system. This vulnerability underscores the importance of implementing secure credential management practices to mitigate the risk of privilege escalation attacks.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/r4xVQt
https://www.cve.org/CVERecord?id=CVE-2023-37400
https://nvd.nist.gov/vuln/detail/CVE-2023-37400

Back to Vulnerability Database

CVE-2023-37400

CVSS 3.1 Score 7.8 of 10 (high)

Details

Summary

Advisories, Assessments, and Mitigations