CVE-2020-4545 · CVEKit

cve.orgen

343 chars

IBM Aspera Connect 3.9.9 could allow a remote attacker to execute arbitrary code on the system, caused by improper loading of Dynamic Link Libraries by the import feature. By persuading a victim to open a specially-crafted .DLL file, an attacker could exploit this vulnerability to execute arbitrary code on the system. IBM X-Force ID: 183190.

NVDen

343 chars

IBM Aspera Connect 3.9.9 could allow a remote attacker to execute arbitrary code on the system, caused by improper loading of Dynamic Link Libraries by the import feature. By persuading a victim to open a specially-crafted .DLL file, an attacker could exploit this vulnerability to execute arbitrary code on the system. IBM X-Force ID: 183190.

NVDes

434 chars

IBM Aspera Connect versión 3.9.9, podría permitir a un atacante remoto ejecutar código arbitrario en el sistema, causado por la carga inapropiada de una Biblioteca de Enlace Dinámicos mediante la funcionalidad de importación. Al persuadir a una víctima para que abra un archivo .DLL especialmente diseñado, un atacante podría explotar esta vulnerabilidad para ejecutar código arbitrario en el sistema. IBM X-Force ID: 183190

CVSS metrics across sources

5

Version	Type	Source	Base	Exp	Impact	Vector
2.0	Primary	NVD	9.3	8.6	10.0	AV:N/AC:M/Au:N/C:C/I:C/A:C
3.0	Primary	cve.org	7.8	—	—	CVSS:3.0/AC:L/A:H/UI:R/AV:L/S:U/I:H/PR:N/C:H/E:U/RC:C/RL:O