Описание
IBM Aspera Console 3.4.0 through 3.4.4
is vulnerable to an XPath injection vulnerability, which could allow an authenticated attacker to exfiltrate sensitive application data and/or determine the structure of the XML document.
Ссылки
- Vendor Advisory
Уязвимые конфигурации
Конфигурация 1Версия от 3.4.0 (включая) до 3.4.4 (включая)
cpe:2.3:a:ibm:aspera_console:*:*:*:*:*:*:*:*
EPSS
Процентиль: 28%
0.00102
Низкий
4.3 Medium
CVSS3
Дефекты
CWE-643
CWE-643
Связанные уязвимости
CVSS3: 4.3
github
10 месяцев назад
IBM Aspera Console 3.4.0 through 3.4.4 is vulnerable to an XPath injection vulnerability, which could allow an authenticated attacker to exfiltrate sensitive application data and/or determine the structure of the XML document.
EPSS
Процентиль: 28%
0.00102
Низкий
4.3 Medium
CVSS3
Дефекты
CWE-643
CWE-643