IBM Aspera Faspex, IBM Aspera Console have addressed the following OpenSSL vulnerability.
Vulnerability Details
CVEID:CVE-2018-0739
DESCRIPTION: OpenSSL is vulnerable to a denial of service. By sending specially crafted ASN.1 data with a recursive definition, a remote attacker could exploit this vulnerability to consume excessive stack memory.
CVSS Base Score: 5.3
CVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/140847> for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)
IBM Aspera Faspex 4.1.1
IBM Aspera Console 3.3.2
Product | VRMF | APAR | Remediation/First Fix |
---|---|---|---|
IBM Aspera Faspex | 4.2.1 | None | <https://downloads.asperasoft.com/en/downloads/6> |
IBM Aspera Console | 3.3.3 | None | https://downloads.asperasoft.com/en/downloads/3 |