CPE Details
IBM Aspera Console 3.4.2 Patch Level 7
3.4.2
2024-10-03
16h57 +00:00
16h57 +00:00
2024-10-03
16h57 +00:00
16h57 +00:00
Alerte pour un CPE
Restez informé de toutes modifications pour un CPE spécifique.
CPE Name: cpe:2.3:a:ibm:aspera_console:3.4.2:patch_level_7:*:*:*:*:*:*
Informations
Vendor
ibmProduct
aspera_consoleVersion
3.4.2Update
patch_level_7Related CVE
| CVE ID | Publié | Description | Score | Gravité |
|---|---|---|---|---|
| IBM Aspera Console 3.4.0 through 3.4.4 could allow a remote authenticated attacker to execute arbitrary code on the system, caused by a CSV injection vulnerability. By persuading a victim to open a specially crafted file, an attacker could exploit this vulnerability to execute arbitrary code on the system. | 8 |
Haute |
||
| IBM Aspera Console 3.4.0 through 3.4.4 could allow a remote attacker to obtain sensitive information, caused by the failure to set the HTTPOnly flag. A remote attacker could exploit this vulnerability to obtain sensitive information from the cookie. | 7.5 |
Haute |
||
| IBM Aspera Console 3.4.0 through 3.4.2 PL9 allows web pages to be stored locally which can be read by another user on the system. IBM X-Force ID: 239078. | 4 |
Moyen |
||
| IBM Aspera Console 3.4.0 through 3.4.2 PL5 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 238645. | 5.4 |
Moyen |
||
| IBM Aspera Console 3.4.0 through 3.4.2 PL5 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 238645. | 5.4 |
Moyen |
2025©
tesweb SA
