IBM Aspera Faspex 5.0.5 could allow a remote attacker to obtain sensitive information, caused by the failure to properly enable HTTP Strict Transport Security. An attacker could exploit this vulnerability to obtain sensitive information using man in the middle techniques. IBM X-Force ID: 222576.
References
Link | Resource |
---|---|
https://exchange.xforce.ibmcloud.com/vulnerabilities/222576 | VDB Entry Vendor Advisory |
https://www.ibm.com/support/pages/node/7029681 | Patch Vendor Advisory |
Configurations
Configuration 1 (hide)
AND |
|
History
12 Sep 2023, 20:26
Type | Values Removed | Values Added |
---|---|---|
References | (MISC) https://www.ibm.com/support/pages/node/7029681 - Patch, Vendor Advisory | |
References | (MISC) https://exchange.xforce.ibmcloud.com/vulnerabilities/222576 - VDB Entry, Vendor Advisory | |
First Time |
Linux
Ibm Ibm aspera Faspex Linux linux Kernel |
|
CPE | cpe:2.3:a:ibm:aspera_faspex:*:*:*:*:*:*:*:* cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:* |
|
CWE | CWE-311 | |
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 5.9 |
08 Sep 2023, 21:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2023-09-08 21:15
Updated : 2024-02-28 20:33
NVD link : CVE-2022-22405
Mitre link : CVE-2022-22405
CVE.ORG link : CVE-2022-22405
JSON object : View
Products Affected
ibm
- aspera_faspex
linux
- linux_kernel
CWE
CWE-311
Missing Encryption of Sensitive Data