CVE-2022-43840
published 2025-04-14CVE-2022-43840: IBM Aspera Console 3.4.0 through 3.4.4 is vulnerable to an XPath injection vulnerability, which could allow an authenticated attacker to exfiltrate sensitive…
medium4.3CVSS 3.1
AVNACLPRLUINSUCLINAN
IBM Aspera Console 3.4.0 through 3.4.4
is vulnerable to an XPath injection vulnerability, which could allow an authenticated attacker to exfiltrate sensitive application data and/or determine the structure of the XML document.
Affected
1 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| ibm | aspera_console | 3.4.0 – 3.4.4 | — |