Aspera Console | Teknoloji dünyasından en güncel haberleri ve güvenlikle ilgili gelişmeleri takip edin.

Kategori: Aspera Console - CVE listesi
PRODUCT 11 kayıt
Medium CVSS: 5.3

CVE-2025-13460

IBM Aspera Console 3.3.0 through 3.4.8 could allow an attacker to enumerate usernames due to an observable response discrepancy.
Low CVSS: 2.7

CVE-2025-13459

IBM Aspera Console 3.3.0 through 3.4.8 could allow a privileged user to cause a denial of service due to improper enforcement of behavioral workflow.
Medium CVSS: 5.3

CVE-2025-13212

IBM Aspera Console 3.3.0 through 3.4.8 could allow an authenticated user to cause a denial of service in the email service due to improper control of interaction frequency.
High CVSS: 8.6

CVE-2025-13379

IBM Aspera Console 3.4.0 through 3.4.8 is vulnerable to SQL injection. A remote attacker could send specially crafted SQL statements, which could allow the attacker to view, add, modify, or delete information in the back-end database.
Medium CVSS: 4.9

CVE-2025-13925

IBM Aspera Console 3.4.7 stores potentially sensitive information in log files that could be read by a local privileged user.
Low CVSS: 3.1

CVE-2023-27272

IBM Aspera Console 3.4.0 through 3.4.4 allows passwords to be reused when a new user logs into the system.
Medium CVSS: 5.3

CVE-2022-43852

IBM Aspera Console 3.4.0 through 3.4.4 could disclose sensitive information in HTTP headers that could be used in further attacks against the system.
Medium CVSS: 5.9

CVE-2022-43851

IBM Aspera Console 3.4.0 through 3.4.4 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information.
Medium CVSS: 5.4

CVE-2022-43850

IBM Aspera Console 3.4.0 through 3.4.4 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disc…
Medium CVSS: 5.4

CVE-2022-43847

IBM Aspera Console 3.4.0 through 3.4.4 is vulnerable to HTTP header injection, caused by improper validation of input by the HOST headers. This could allow an attacker to conduct various attacks against the vulnerable system, including cr…
Medium CVSS: 4.3

CVE-2022-43840

IBM Aspera Console 3.4.0 through 3.4.4 is vulnerable to an XPath injection vulnerability, which could allow an authenticated attacker to exfiltrate sensitive application data and/or determine the structure of the XML document.