Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
IBM Aspera information disclosure
Vulnerability Description
IBM Aspera Connect 4.2.5 and IBM Aspera Cargo 4.2.5 transmits authentication credentials, but it uses an insecure method that is susceptible to unauthorized interception and/or retrieval.
CVSS Information
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
Vulnerability Type
凭证传输未经安全保护
Vulnerability Title
IBM Aspera 安全漏洞
Vulnerability Description
IBM Aspera是美国国际商业机器(IBM)公司的一套基于IBM FASP协议构建的快速文件传输和流解决方案。 IBM Aspera Connect 4.2.5版本和IBM Aspera Cargo 4.2.5版本存在安全漏洞,该漏洞源于使用不安全的方法传输身份验证凭据,容易受到未经授权的拦截和检索。
CVSS Information
N/A
Vulnerability Type
N/A