Security Bulletin
Summary
Certain IBM Aspera applications are affected by the vulnerabilities listed below, depending on product configuration and/or valid authentication; each could allow an attacker with intimate knowledge of the system to execute arbitrary code or perform a denial-of-service (DoS). The vulnerabilities are fixed in the product versions listed below.
Vulnerability Details
DESCRIPTION: Certain IBM Aspera applications are vulnerable to buffer overflow, depending on the product configuration and requiring valid authentication, which could allow an attacker with intimate knowledge of the system to execute arbitrary code or perform a denial-of-service (DoS) through the HTTP fallback service.
CVSS Base score: 7.5
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/180900 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H)
CVEID: CVE-2020-4436
DESCRIPTION: Certain IBM Aspera applications are vulnerable to buffer overflow after valid authentication, which could allow an attacker with intimate knowledge of the system to execute arbitrary code through a service.
CVSS Base score: 8.8
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/180902 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H)
CVEID: CVE-2020-4435
DESCRIPTION: Certain IBM Aspera applications are vulnerable to arbitrary memory corruption, depending on the product configuration, which could allow an attacker with intimate knowledge of the system to execute arbitrary code or perform a denial-of-service (DoS) through the HTTP fallback service.
CVSS Base score: 7.5
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/180901 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H)
CVEID: CVE-2020-4432
DESCRIPTION: Certain IBM Aspera applications are vulnerable to command injection after valid authentication, which could allow an attacker with intimate knowledge of the system to execute commands in a SOAP API.
CVSS Base score: 7.5
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/180810 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H)
CVEID: CVE-2020-4433
DESCRIPTION: Certain IBM Aspera applications are vulnerable to a stack-based buffer overflow caused by improper bounds checking. This could allow a remote attacker with intimate knowledge of the server to execute arbitrary code on the system with root privileges or cause the server to crash.
CVSS Base score: 7.5
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/180814 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H)
Affected Products and Versions
| Affected Product(s) | Version(s) |
|---|---|
| IBM Aspera High-Speed Transfer Server | 3.9.3 and earlier |
| IBM Aspera High-Speed Transfer Endpoint | 3.9.3 and earlier |
| IBM Aspera Proxy Server | 1.4.3 and earlier |
| IBM Aspera Transfer Cluster Manager | 1.3.1 with Aspera High-Speed Transfer Server 3.9.3 and earlier |
| IBM Aspera Application Platform On Demand | 3.7.4 and earlier |
| IBM Aspera Faspex On Demand | 3.7.4 and earlier |
| IBM Aspera Server On Demand | 3.7.4 and earlier |
| IBM Aspera Shares On Demand | 3.7.4 and earlier |
| IBM Aspera Streaming | 3.9.3 and earlier |
| IBM Aspera High-Speed Transfer Server for Cloud Pak for Integration (CP4I) | 3.9.10 and earlier |
Remediation/Fixes
| Product(s) | VRMF | Remediation/First Fix |
|---|---|---|
| IBM Aspera High-Speed Transfer Server | 3.9.6 | Link to latest release (3.9.6) |
| IBM Aspera High-Speed Transfer Endpoint | 3.9.6 | Link to latest release (3.9.6) |
| IBM Aspera Proxy Server | 1.4.4 | Link to the latest release (1.4.4) |
| IBM Aspera Transfer Cluster Manager | 1.3.1 with IBM Aspera High-Speed Transfer Server (HSTS) 3.9.6 | Contact your IBM sales rep for access to the latest released image (1.3.1) |
| IBM Aspera Application Platform On Demand | 3.9.6 | Contact your IBM sales rep for access to the latest released image (3.9.6) |
| IBM Aspera Faspex On Demand | 3.9.6 | Contact your IBM sales rep for access to the latest released image (3.9.6) |
| IBM Aspera Server On Demand | 3.9.6 | Contact your IBM sales rep for access to the latest released image (3.9.6) |
| IBM Aspera Shares On Demand | 3.9.6 | Contact your IBM sales rep for access to the latest released image (3.9.6) |
| IBM Aspera High-Speed Transfer Server (HSTS) for Cloud Pak for Integration (CP4I) | 3.9.11 | Access your charts to get the latest version. |
| IBM Aspera Streaming | 3.9.6 | Link to latest release (3.9.6) |
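Two details in the tables above are easy to get wrong when auditing an estate: the CP4I build line has its own boundary (3.9.10 affected, 3.9.11 fixed, while a standalone HSTS 3.9.10 is past its 3.9.6 fix), and versions such as 3.9.10 sort below 3.9.6 if compared as strings. The following is an added example, not part of the bulletin, that encodes the two tables and classifies a constructed inventory of hypothetical hosts against them; builds between the last affected and first fixed version are reported as not stated rather than assumed safe.

```python
# Transcribed from the two tables above: (last affected version, first fix).
# Transfer Cluster Manager 1.3.1 is affected through its bundled HSTS, so
# assess it under the HSTS entry.
BULLETIN = {
    "IBM Aspera High-Speed Transfer Server": ("3.9.3", "3.9.6"),
    "IBM Aspera High-Speed Transfer Endpoint": ("3.9.3", "3.9.6"),
    "IBM Aspera Proxy Server": ("1.4.3", "1.4.4"),
    "IBM Aspera Application Platform On Demand": ("3.7.4", "3.9.6"),
    "IBM Aspera Faspex On Demand": ("3.7.4", "3.9.6"),
    "IBM Aspera Server On Demand": ("3.7.4", "3.9.6"),
    "IBM Aspera Shares On Demand": ("3.7.4", "3.9.6"),
    "IBM Aspera Streaming": ("3.9.3", "3.9.6"),
    "IBM Aspera High-Speed Transfer Server for Cloud Pak for Integration (CP4I)":
        ("3.9.10", "3.9.11"),
}


def parse_version(text):
    """'3.9.10' -> (3, 9, 10). Tuple comparison avoids the string pitfall
    where '3.9.10' < '3.9.6' would misclassify a patched host."""
    return tuple(int(part) for part in text.strip().split("."))


def assess(product, version):
    """Classify an installed (product, version) against this bulletin.
    Returns (status, first_fix)."""
    if product not in BULLETIN:
        return ("not listed", None)
    last_affected, first_fix = BULLETIN[product]
    installed = parse_version(version)
    if installed <= parse_version(last_affected):
        return ("affected", first_fix)
    if installed < parse_version(first_fix):
        # Between last-affected and first-fix (e.g. HSTS 3.9.4): the bulletin
        # states nothing about these builds, so do not assume they are safe.
        return ("not stated", first_fix)
    return ("fixed", first_fix)


# Constructed sample inventory (hypothetical hosts) to exercise the check.
INVENTORY = [
    ("transfer-01", "IBM Aspera High-Speed Transfer Server", "3.9.10"),
    ("cp4i-01", "IBM Aspera High-Speed Transfer Server for Cloud Pak for Integration (CP4I)", "3.9.10"),
    ("proxy-01", "IBM Aspera Proxy Server", "1.4.3"),
    ("faspex-01", "IBM Aspera Faspex On Demand", "3.8.0"),
]


def audit(inventory):
    """Return (host, status, first_fix) for every (host, product, version) row."""
    return [(host,) + assess(product, version) for host, product, version in inventory]
```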
Workarounds and Mitigations
References
Change History
8 June 2020: Initial Publication
*The CVSS Environment Score is customer environment specific and will ultimately impact the Overall CVSS Score. Customers can evaluate the impact of this vulnerability in their environments by accessing the links in the Reference section of this Security Bulletin.
Disclaimer
Review the IBM security bulletin disclaimer and definitions regarding your responsibilities for assessing potential impact of security vulnerabilities to your environment.
Document Location
Worldwide
Document Information
Modified date: 20 February 2022
UID: ibm16221324