{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-06-11T02:52:40.779","vulnerabilities":[{"cve":{"id":"CVE-2020-4435","sourceIdentifier":"psirt@us.ibm.com","published":"2020-06-10T13:15:17.587","lastModified":"2024-11-21T05:32:44.517","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Certain IBM Aspera applications are vulnerable to arbitrary memory corruption based on the product configuration, which could allow an attacker with intimate knowledge of the system to execute arbitrary code or perform a denial-of-service (DoS) through the http fallback service. IBM X-Force ID: 180901."},{"lang":"es","value":"Determinadas aplicaciones de IBM Aspera son vulnerables a una corrupción arbitraria de la memoria basada en la configuración del producto, lo que podría permitir a un atacante con un conocimiento profundo del sistema ejecutar código arbitrario o llevar a cabo una denegación de servicio (DoS) por medio del servicio fallback de http. IBM X-Force ID: 180901"}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"HIGH","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.6,"impactScore":5.9}],"cvssMetricV30":[{"source":"psirt@us.ibm.com","type":"Secondary","cvssData":{"version":"3.0","vectorString":"CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"HIGH","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.6,"impactScore":5.9}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:M/Au:S/C:P/I:P/A:P","baseScore":6.0,"accessVector":"NETWORK","accessComplexity":"MEDIUM","authentication":"SINGLE","confidentialityImpact":"PARTIAL","integrityImpact":"PARTIAL","availabilityImpact":"PARTIAL"},"baseSeverity":"MEDIUM","exploitabilityScore":6.8,"impactScore":6.4,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-787"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:ibm:aspera_application_platform_on_demand:*:*:*:*:*:*:*:*","versionEndIncluding":"3.7.4","matchCriteriaId":"95A13919-235B-4552-B7E8-E242A1506F33"},{"vulnerable":true,"criteria":"cpe:2.3:a:ibm:aspera_faspex_on_demand:*:*:*:*:*:*:*:*","versionEndIncluding":"3.7.4","matchCriteriaId":"F36A48ED-D90F-4479-95F5-241763D19EAF"},{"vulnerable":true,"criteria":"cpe:2.3:a:ibm:aspera_high-speed_transfer_endpoint:*:*:*:*:*:*:*:*","versionEndIncluding":"3.9.3","matchCriteriaId":"A4F8C19B-4648-40A0-89C4-A5002DE60C08"},{"vulnerable":true,"criteria":"cpe:2.3:a:ibm:aspera_high-speed_transfer_server:*:*:*:*:*:*:*:*","versionEndIncluding":"3.9.3","matchCriteriaId":"F3908B54-5170-4122-BC5A-F290C6187491"},{"vulnerable":true,"criteria":"cpe:2.3:a:ibm:aspera_high-speed_transfer_server_for_cloud_pak_for_integration:*:*:*:*:*:*:*:*","versionEndIncluding":"3.9.10","matchCriteriaId":"CA3A89EF-5F28-4983-82AC-403F6CC41BC5"},{"vulnerable":true,"criteria":"cpe:2.3:a:ibm:aspera_proxy_server:*:*:*:*:*:*:*:*","versionEndIncluding":"1.4.3","matchCriteriaId":"88EBEFDD-35ED-4ADC-85F9-8FEA7778CE9C"},{"vulnerable":true,"criteria":"cpe:2.3:a:ibm:aspera_server_on_demand:*:*:*:*:*:*:*:*","versionEndIncluding":"3.7.4","matchCriteriaId":"08DF3254-9B03-4D93-A962-EF491CB27366"},{"vulnerable":true,"criteria":"cpe:2.3:a:ibm:aspera_shares_on_demand:*:*:*:*:*:*:*:*","versionEndIncluding":"3.7.4","matchCriteriaId":"B91B20E9-06BE-43CD-92B2-44BDA086C507"},{"vulnerable":true,"criteria":"cpe:2.3:a:ibm:aspera_streaming:*:*:*:*:*:*:*:*","versionEndIncluding":"3.9.3","matchCriteriaId":"EBB5EC07-527C-4A35-9302-99A5DA1966AB"},{"vulnerable":true,"criteria":"cpe:2.3:a:ibm:aspera_transfer_cluster_manager:*:*:*:*:*:*:*:*","versionEndIncluding":"1.3.1","matchCriteriaId":"A30F42FA-076C-440B-B04A-55AB5F9974B0"}]}]}],"references":[{"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/180901","source":"psirt@us.ibm.com","tags":["VDB Entry","Vendor Advisory"]},{"url":"https://www.ibm.com/support/pages/node/6221324","source":"psirt@us.ibm.com","tags":["Vendor Advisory"]},{"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/180901","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["VDB Entry","Vendor Advisory"]},{"url":"https://www.ibm.com/support/pages/node/6221324","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"]}]}}]}