A vulnerability, which was classified as critical, was found in IBM Aspera Shares 1.10.0 PL2. This affects an unknown part of the component Password Change Handler. The manipulation leads to session fixiation.

This vulnerability is uniquely identified as CVE-2023-38018. It is possible to initiate the attack remotely. There is no exploit available.

It is recommended to upgrade the affected component.