CVE-2023-35907

CVSS 3.1 Score 5.9 of 10 (medium)

Details

Published Jan 29, 2025

CWE ID 521

Summary

CVE-2023-35907 is a vulnerability affecting IBM Aspera Faspex versions 5.0.0 through 5.0.10. This issue allows attackers to target weak passwords and potentially gain unauthorized access to user accounts. By default, the software does not enforce stringent password requirements, increasing the risk of successful credential theft. Organizations using these affected versions are strongly advised to implement password policies and update to the latest version as soon as possible to mitigate this vulnerability.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

IBM Aspera Faspex

Affected Vendors

IBM Corporation

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/tb1idx
https://www.cve.org/CVERecord?id=CVE-2023-35907
https://nvd.nist.gov/vuln/detail/CVE-2023-35907

Back to Vulnerability Database