Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Aspera_shares
(Ibm)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 3 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2024-09-16 | CVE-2024-38315 | IBM Aspera Shares 1.0 through 1.10.0 PL3 does not invalidate session after a password reset which could allow an authenticated user to impersonate another user on the system. | Aspera_shares | 6.5 | ||
| 2024-08-12 | CVE-2023-38018 | IBM Aspera Shares 1.10.0 PL2 does not invalidate session after a password change which could allow an authenticated user to impersonate another user on the system. IBM X-Force ID: 260574. | Aspera_shares | 5.4 | ||
| 2020-09-21 | CVE-2020-4731 | IBM Aspera Web Application 1.9.14 PL1 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 188055. | Aspera_shares | 6.1 |