{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-20T12:39:31.712","vulnerabilities":[{"cve":{"id":"CVE-2020-4434","sourceIdentifier":"psirt@us.ibm.com","published":"2020-06-10T13:15:17.477","lastModified":"2024-11-21T05:32:44.400","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Certain IBM Aspera applications are vulnerable to buffer overflow based on the product configuration and valid authentication, which could allow an attacker with intimate knowledge of the system to execute arbitrary code or perform a denial-of-service (DoS) through the http fallback service. IBM X-Force ID: 180900."},{"lang":"es","value":"Determinadas aplicaciones de IBM Aspera son vulnerables a un desbordamiento del búfer basado en la configuración del producto y la autenticación válida, lo que podría permitir a un atacante con un conocimiento profundo del sistema ejecutar código arbitrario o llevar a cabo una denegación de servicio (DoS) por medio del servicio fallback de http. IBM X-Force ID: 180900"}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"HIGH","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.6,"impactScore":5.9}],"cvssMetricV30":[{"source":"psirt@us.ibm.com","type":"Secondary","cvssData":{"version":"3.0","vectorString":"CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"HIGH","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.6,"impactScore":5.9}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:M/Au:S/C:P/I:P/A:P","baseScore":6.0,"accessVector":"NETWORK","accessComplexity":"MEDIUM","authentication":"SINGLE","confidentialityImpact":"PARTIAL","integrityImpact":"PARTIAL","availabilityImpact":"PARTIAL"},"baseSeverity":"MEDIUM","exploitabilityScore":6.8,"impactScore":6.4,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-120"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:ibm:aspera_application_platform_on_demand:*:*:*:*:*:*:*:*","versionEndIncluding":"3.7.4","matchCriteriaId":"95A13919-235B-4552-B7E8-E242A1506F33"},{"vulnerable":true,"criteria":"cpe:2.3:a:ibm:aspera_faspex_on_demand:*:*:*:*:*:*:*:*","versionEndIncluding":"3.7.4","matchCriteriaId":"F36A48ED-D90F-4479-95F5-241763D19EAF"},{"vulnerable":true,"criteria":"cpe:2.3:a:ibm:aspera_high-speed_transfer_endpoint:*:*:*:*:*:*:*:*","versionEndIncluding":"3.9.3","matchCriteriaId":"A4F8C19B-4648-40A0-89C4-A5002DE60C08"},{"vulnerable":true,"criteria":"cpe:2.3:a:ibm:aspera_high-speed_transfer_server:*:*:*:*:*:*:*:*","versionEndIncluding":"3.9.3","matchCriteriaId":"F3908B54-5170-4122-BC5A-F290C6187491"},{"vulnerable":true,"criteria":"cpe:2.3:a:ibm:aspera_high-speed_transfer_server_for_cloud_pak_for_integration:*:*:*:*:*:*:*:*","versionEndIncluding":"3.9.10","matchCriteriaId":"CA3A89EF-5F28-4983-82AC-403F6CC41BC5"},{"vulnerable":true,"criteria":"cpe:2.3:a:ibm:aspera_proxy_server:*:*:*:*:*:*:*:*","versionEndIncluding":"1.4.3","matchCriteriaId":"88EBEFDD-35ED-4ADC-85F9-8FEA7778CE9C"},{"vulnerable":true,"criteria":"cpe:2.3:a:ibm:aspera_server_on_demand:*:*:*:*:*:*:*:*","versionEndIncluding":"3.7.4","matchCriteriaId":"08DF3254-9B03-4D93-A962-EF491CB27366"},{"vulnerable":true,"criteria":"cpe:2.3:a:ibm:aspera_shares_on_demand:*:*:*:*:*:*:*:*","versionEndIncluding":"3.7.4","matchCriteriaId":"B91B20E9-06BE-43CD-92B2-44BDA086C507"},{"vulnerable":true,"criteria":"cpe:2.3:a:ibm:aspera_streaming:*:*:*:*:*:*:*:*","versionEndIncluding":"3.9.3","matchCriteriaId":"EBB5EC07-527C-4A35-9302-99A5DA1966AB"},{"vulnerable":true,"criteria":"cpe:2.3:a:ibm:aspera_transfer_cluster_manager:*:*:*:*:*:*:*:*","versionEndIncluding":"1.3.1","matchCriteriaId":"A30F42FA-076C-440B-B04A-55AB5F9974B0"}]}]}],"references":[{"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/180900","source":"psirt@us.ibm.com","tags":["VDB Entry","Vendor Advisory"]},{"url":"https://www.ibm.com/support/pages/node/6221324","source":"psirt@us.ibm.com","tags":["Vendor Advisory"]},{"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/180900","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["VDB Entry","Vendor Advisory"]},{"url":"https://www.ibm.com/support/pages/node/6221324","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"]}]}}]}