Support Us — Your donation helps us keep running

Goal: 1000 CNY,Raised: 1000 CNY

100.0%
Donate Now
Get alerts for future matching vulnerabilitiesLog in to subscribe
I. Basic Information for CVE-2020-4434
Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Description
Certain IBM Aspera applications are vulnerable to buffer overflow based on the product configuration and valid authentication, which could allow an attacker with intimate knowledge of the system to execute arbitrary code or perform a denial-of-service (DoS) through the http fallback service. IBM X-Force ID: 180900.
Source: NVD (National Vulnerability Database)
CVSS Information
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Type
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Title
多款IBM产品缓冲区错误漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
IBM Aspera是美国IBM公司的一套基于IBM FASP协议构建的快速文件传输和流解决方案。 多款IBM产品中存在缓冲区错误漏洞。攻击者可利用该漏洞执行任意代码或造成拒绝服务。以下产品及版本受到影响:IBM Aspera High-Speed Transfer Server 3.9.3及之前版本;High-Speed Transfer Endpoint 3.9.3及之前版本;Proxy Server 1.4.3及之前版本;Transfer Cluster Manager 1.3.1版本和3.9.3及
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)
Affected Products
VendorProductAffected VersionsCPESubscribe
IBMAspera Shares On Demand 3.7.4 -
IBMAspera Application Platform On Demand 3.7.4 -
IBMAspera Transfer Cluster Manager 1.3.1 -
IBMAspera High-Speed Transfer Server 3.9.3 -
IBMAspera Proxy Server 1.4.3 -
IBMAspera Faspex On Demand 3.7.4 -
IBMAspera High-Speed Transfer Server for Cloud Pak for Integration (CP4I) 3.9.10 -
IBMAspera High-Speed Transfer Endpoint 3.9.3 -
IBMAspera Streaming 3.9.3 -
IBMAspera Server On Demand 3.7.4 -
II. Public POCs for CVE-2020-4434
#POC DescriptionSource LinkShenlong Link
AI-Generated POCPremium

No public POC found.

Login to generate AI POC
III. Intelligence Information for CVE-2020-4434
Please Login to view more intelligence information
New Vulnerabilities
Vendor: IBM
V. Comments for CVE-2020-4434

No comments yet

Leave a comment