CVE-2021-38963
Published: 25 September 2024
Summary
CVE-2021-38963 is a high-severity Improper Neutralization of Formula Elements in a CSV File (CWE-1236) vulnerability in Ibm Aspera Console. Its CVSS base score is 8.0 (High).
Operationally, ranked at the 45.6th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog.
EU & UK References
- 🇪🇺 ENISA EUVD: EUVD-2021-25400
Vulnerability details
IBM Aspera Console 3.4.0 through 3.4.4 could allow a remote authenticated attacker to execute arbitrary code on the system, caused by a CSV injection vulnerability. By persuading a victim to open a specially crafted file, an attacker could exploit this…
more
vulnerability to execute arbitrary code on the system.
- CWE(s)
Related Threats
No named actor attribution yet. ATT&CK technique mapping in progress for this CVE.
Affected Assets
Mitigating Controls
No mitigating controls mapped yet. The per-CVE control annotator has not reached this CVE.