CVE-2022-43841: IBM Aspera Console information disclosure
Published May 29, 2024
·Updated
IBM Aspera Console 3.4.0 through 3.4.2 PL9 allows web pages to be stored locally which can be read by another user on the system. IBM X-Force ID: 239078.
Affected Software
11 affected components
IBM Aspera Console<=3.4.0 - 3.4.2 PL9
IBM Aspera Console>=3.4.0<=3.4.2
IBM Aspera Console=3.4.2-patch_level_1
IBM Aspera Console=3.4.2-patch_level_2
IBM Aspera Console=3.4.2-patch_level_3
IBM Aspera Console=3.4.2-patch_level_4
IBM Aspera Console=3.4.2-patch_level_5
IBM Aspera Console=3.4.2-patch_level_6
IBM Aspera Console=3.4.2-patch_level_7
IBM Aspera Console=3.4.2-patch_level_8
IBM Aspera Console=3.4.2-patch_level_9
Event History
May 29, 2024
CVE Published
via IBM·12:00 AM
May 30, 2024
CVE Published
via MITRE·11:45 AM
Data Sourced
via MITRE·11:45 AM
DescriptionSeverityWeakness
Data Sourced
via NVD·12:15 PM
DescriptionSeverityWeakness
Frequently Asked Questions
1
What is the severity of CVE-2022-43841?
The severity of CVE-2022-43841 is moderate due to the potential for information disclosure.
2
How do I fix CVE-2022-43841?
To fix CVE-2022-43841, you should upgrade IBM Aspera Console to version 3.4.2 PL10 or later.
3
What are the affected versions of IBM Aspera Console in CVE-2022-43841?
IBM Aspera Console versions 3.4.0 through 3.4.2 PL9 are affected by CVE-2022-43841.
4
What type of vulnerability is CVE-2022-43841?
CVE-2022-43841 is classified as an information disclosure vulnerability.
5
Can CVE-2022-43841 be exploited remotely?
CVE-2022-43841 requires local access to exploit the information disclosure vulnerability.