CVE-2023-27272

CWE-5213 documents3 sources

Severity

8.8HIGH

EPSS

0.2%

top 61.04%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Timeline

PublishedApr 14

Description

IBM Aspera Console 3.4.0 through 3.4.4 allows passwords to be reused when a new user logs into the system.

CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:NExploitability: 1.6 | Impact: 1.4

▶NVDibm/aspera_console3.4.0 — 3.4.5

▶CVEListV5ibm/aspera_console3.4.0 — 3.4.4

GHSA

GHSA-wpfj-mj4c-x9cf: IBM Aspera Console 3↗2025-04-14

▶

CVEList

IBM Aspera Console weak password requirements↗2025-04-14

▶