CVE-2023-27871
published 2023-03-21CVE-2023-27871: IBM Aspera Faspex 4.4.2 could allow a remote attacker to obtain sensitive credential information for an external user, using a specially crafted SQL query. IBM…
high7.5CVSS 3.1
AVNACLPRNUINSUCHINAN
ITW
Exploited in the wild
IBM Aspera Faspex 4.4.2 could allow a remote attacker to obtain sensitive credential information for an external user, using a specially crafted SQL query. IBM X-Force ID: 249613.
Affected
2 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| ibm | aspera_faspex | <= 4.4.2 | — |
| ibm | aspera_faspex | — | — |