CVE-2023-22870

CWE-319Cleartext Transmission3 documents3 sources
Severity
5.9MEDIUM
EPSS
0.0%
top 94.04%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
IBM Aspera Faspex
Timeline
PublishedSep 5

Description

IBM Aspera Faspex 5.0.5 transmits sensitive information in cleartext which could be obtained by an attacker using man in the middle techniques. IBM X-Force ID: 244121.

CVSS vector

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:NExploitability: 2.2 | Impact: 3.6

Affected Packages2 packages

CVEListV5ibm/aspera_faspex5.0.5

Patches

Patch: www.ibm.comPatch: www.ibm.com

🔴Vulnerability Details

2
CVEList
IBM Aspera Faspex information disclosure2023-09-05
GHSA
GHSA-x6h4-v5ww-9rw2: IBM Aspera Faspex 52023-09-05
CVE-2023-22870 (MEDIUM CVSS 5.9) | IBM Aspera Faspex 5.0.5 transmits s | cvebase.io