CVE-2026-8180

{"id": "CVE-2026-8180", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Primary", "source": "psirt@us.ibm.com", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.5, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}, "impactScore": 3.6, "exploitabilityScore": 3.9}]}, "published": "2026-05-27T14:17:38.170", "references": [{"url": "https://www.ibm.com/support/pages/node/7273615", "tags": ["Vendor Advisory"], "source": "psirt@us.ibm.com"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "psirt@us.ibm.com", "description": [{"lang": "en", "value": "CWE-476"}]}], "descriptions": [{"lang": "en", "value": "IBM Aspera High-Speed Transfer Endpoint 3.7.4 through 4.4.7 Fix Pack 1 and IBM Aspera High-Speed Transfer Server 3.7.4 through 4.4.7 Fix Pack 1 and IBM Aspera High-Speed Transfer Endpoint are affected by a potential denial of service in the asperahttpd component. An unauthenticated user can cause the asperahttpd service to crash."}], "lastModified": "2026-06-05T18:56:59.087", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:ibm:aspera_high-speed_transfer_endpoint:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "2D9E17C2-F77C-423C-8870-02139D215727", "versionEndIncluding": "4.4.6", "versionStartIncluding": "3.7.4"}, {"criteria": "cpe:2.3:a:ibm:aspera_high-speed_transfer_endpoint:4.4.7:-:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A9E8FCBA-C640-474C-8824-6A9AAC9D626D"}, {"criteria": "cpe:2.3:a:ibm:aspera_high-speed_transfer_endpoint:4.4.7:fixpack1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "0BE56C6A-DF12-4319-9927-25F6CE48AFB7"}, {"criteria": "cpe:2.3:a:ibm:aspera_high-speed_transfer_server:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "283AD1B0-CD08-417A-8AF0-F0F2670D8F09", "versionEndIncluding": "4.4.6", "versionStartIncluding": "3.7.4"}, {"criteria": "cpe:2.3:a:ibm:aspera_high-speed_transfer_server:4.4.7:-:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "798D462A-A218-42D3-9CB7-BE2F77B33860"}, {"criteria": "cpe:2.3:a:ibm:aspera_high-speed_transfer_server:4.4.7:fixpack1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "23F3C04F-668C-4C35-A12A-862522B46F6F"}], "operator": "OR"}]}], "sourceIdentifier": "psirt@us.ibm.com"}