CVE-2022-43841

IBM Aspera Console 3.4.0 through 3.4.2 PL9 allows web pages to be stored locally which can be read by another user on the system. IBM X-Force ID: 239078.

CVSS v3 4.0 MEDIUM

4.0^/10

CVSS v3 : MEDIUM

Vector :

Exploitability : 2.5 / Impact : 1.4

Attack Vector LOCAL

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact LOW

Integrity Impact NONE

Availability Impact NONE

Scope UNCHANGED

References

Link	Resource
https://exchange.xforce.ibmcloud.com/vulnerabilities/239078	Vendor Advisory
https://www.ibm.com/support/pages/node/7155202	Vendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/239078	Vendor Advisory
https://www.ibm.com/support/pages/node/7155202	Vendor Advisory

Configurations

Configuration 1 (hide)

OR	cpe:2.3:a:ibm:aspera_console::::::::
	cpe:2.3:a:ibm:aspera_console:3.4.2:patch_level_1::::::
	cpe:2.3:a:ibm:aspera_console:3.4.2:patch_level_2::::::
	cpe:2.3:a:ibm:aspera_console:3.4.2:patch_level_3::::::
	cpe:2.3:a:ibm:aspera_console:3.4.2:patch_level_4::::::
	cpe:2.3:a:ibm:aspera_console:3.4.2:patch_level_5::::::
	cpe:2.3:a:ibm:aspera_console:3.4.2:patch_level_6::::::
	cpe:2.3:a:ibm:aspera_console:3.4.2:patch_level_7::::::
	cpe:2.3:a:ibm:aspera_console:3.4.2:patch_level_8::::::
	cpe:2.3:a:ibm:aspera_console:3.4.2:patch_level_9::::::

History

No history.

Information

Published : 2024-05-30 12:15

Updated : 2025-01-08 17:13

NVD link : CVE-2022-43841

Mitre link : CVE-2022-43841

CVE.ORG link : CVE-2022-43841

JSON object : View

Products Affected

ibm

aspera_console

CWE

CWE-525

Use of Web Browser Cache Containing Sensitive Information

NVD-CWE-Other

{"id": "CVE-2022-43841", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Secondary", "source": "[email protected]", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 4.0, "attackVector": "LOCAL", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "LOW"}, "impactScore": 1.4, "exploitabilityScore": 2.5}, {"type": "Primary", "source": "[email protected]", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 3.3, "attackVector": "LOCAL", "baseSeverity": "LOW", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "LOW", "confidentialityImpact": "LOW"}, "impactScore": 1.4, "exploitabilityScore": 1.8}]}, "published": "2024-05-30T12:15:10.000", "references": [{"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/239078", "tags": ["Vendor Advisory"], "source": "[email protected]"}, {"url": "https://www.ibm.com/support/pages/node/7155202", "tags": ["Vendor Advisory"], "source": "[email protected]"}, {"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/239078", "tags": ["Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://www.ibm.com/support/pages/node/7155202", "tags": ["Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Secondary", "source": "[email protected]", "description": [{"lang": "en", "value": "CWE-525"}]}, {"type": "Primary", "source": "[email protected]", "description": [{"lang": "en", "value": "NVD-CWE-Other"}]}], "descriptions": [{"lang": "en", "value": "IBM Aspera Console 3.4.0 through 3.4.2 PL9 allows web pages to be stored locally which can be read by another user on the system. IBM X-Force ID: 239078."}, {"lang": "es", "value": "IBM Aspera Console 3.4.0 a 3.4.2 PL9 permite almacenar p\u00e1ginas web localmente que otro usuario del sistema puede leer. ID de IBM X-Force: 239078."}], "lastModified": "2025-01-08T17:13:14.077", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:ibm:aspera_console:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "5E704943-929C-470A-AD69-3A652C4CCD99", "versionEndIncluding": "3.4.2", "versionStartIncluding": "3.4.0"}, {"criteria": "cpe:2.3:a:ibm:aspera_console:3.4.2:patch_level_1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "04A1A613-67C4-4980-A707-D43638F9108D"}, {"criteria": "cpe:2.3:a:ibm:aspera_console:3.4.2:patch_level_2:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "00824D6B-F2FD-4E2B-A8E9-9552883D190C"}, {"criteria": "cpe:2.3:a:ibm:aspera_console:3.4.2:patch_level_3:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C0D15741-C6AD-45A9-A6C8-1848A51FC630"}, {"criteria": "cpe:2.3:a:ibm:aspera_console:3.4.2:patch_level_4:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "833812B2-9142-437C-8EF7-8B27D0AC4D39"}, {"criteria": "cpe:2.3:a:ibm:aspera_console:3.4.2:patch_level_5:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E6F2E6AB-3865-4CCD-96C6-55A0C9065EB8"}, {"criteria": "cpe:2.3:a:ibm:aspera_console:3.4.2:patch_level_6:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D16849BE-F970-45E9-AF1D-C60125D19AA1"}, {"criteria": "cpe:2.3:a:ibm:aspera_console:3.4.2:patch_level_7:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "77AE8E47-A401-4461-9642-B02310DB425D"}, {"criteria": "cpe:2.3:a:ibm:aspera_console:3.4.2:patch_level_8:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "84E045D4-E23B-4EB1-A5B1-D4AEEE109F2F"}, {"criteria": "cpe:2.3:a:ibm:aspera_console:3.4.2:patch_level_9:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "4880764E-A954-4EC6-8710-30212C60B609"}], "operator": "OR"}]}], "sourceIdentifier": "[email protected]"}