IBM5F8DFBFA5925E27841C7383C252EC89CBC5B70FD84B4799E2A3E0E41C1663DBBSecurity Bulletin: IBM Aspera Console has addressed multiple vulnerabilities.
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:N/A:P
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
AI Score
Confidence
High
EPSS
Percentile
99.9%
Summary
This Security Bulletin addresses multiple vulnerabilities that have been remediated in IBM Aspera Console 3.4.5.
Vulnerability Details
CVEID:CVE-2024-40725
**DESCRIPTION:**Apache HTTP Server allow a remote attacker to obtain sensitive information, caused by an incomplete fix for CVE-2024-39884 related to ignoring some use of the legacy content-type based configuration of handlers. By using AddType, an attacker could exploit this vulnerability, resulting in source code disclosure of local content.
CVSS Base score: 5.9
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/298128 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N)
CVEID:CVE-2022-43850
**DESCRIPTION:**IBM Aspera Console is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session.
CVSS Base score: 4.6
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/239226 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N)
CVEID:CVE-2022-43840
**DESCRIPTION:**IBM Aspera Console is vulnerable to an XPath injection vulnerability, which could allow an authenticated attacker to exfiltrate sensitive application data and/or determine the structure of the XML document.
CVSS Base score: 4.3
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/239077 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N)
CVEID:CVE-2022-43851
**DESCRIPTION:**IBM Aspera Console uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information.
CVSS Base score: 5.9
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/239227 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N)
CVEID:CVE-2024-39573
**DESCRIPTION:**Apache HTTP Server is vulnerable to server-side request forgery, caused by a flaw in the mod_rewrite. By sending a specially crafted request, an attacker could exploit this vulnerability to cause unsafe RewriteRules to unexpectedly setup URL’s to be handled by mod_proxy.
CVSS Base score: 5.9
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/296120 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N)
CVEID:CVE-2024-39884
**DESCRIPTION:**Apache HTTP Server allow a remote attacker to obtain sensitive information, caused by a regression in the core related to ignoring some use of the legacy content-type based configuration of handlers. By using AddType, an attacker could exploit this vulnerability resulting in source code disclosure of local content.
CVSS Base score: 5.9
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/297177 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N)
CVEID:CVE-2018-25032
**DESCRIPTION:**Zlib is vulnerable to a denial of service, caused by a memory corruption in the deflate operation. By using many distant matches, a remote attacker could exploit this vulnerability to cause the application to crash.
CVSS Base score: 7.5
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/222615 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)
CVEID:CVE-2023-27272
**DESCRIPTION:**IBM Aspera Console allows passwords to be reused when a new user logs into the system.
CVSS Base score: 3.1
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/248496 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:N)
CVEID:CVE-2024-36387
**DESCRIPTION:**Apache HTTP Server s vulnerable to a denial of service, caused by a NULL Pointer dereference flaw when serving WebSocket protocol upgrades over a HTTP/2 connection. By sending a specially crafted request, a remote attacker could exploit this vulnerability to crash the server process and degrade performance.
CVSS Base score: 5.9
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/296128 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H)
CVEID:CVE-2024-38472
**DESCRIPTION:**Apache HTTP Server is vulnerable to server-side request forgery, caused by improper validation of WIndows UNC. By sending a specially crafted request, an attacker could exploit this vulnerability to leak NTML hashes to a malicious server.
CVSS Base score: 5.9
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/296127 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N)
CVEID:CVE-2024-38476
**DESCRIPTION:**Apache HTTP Server allow a remote attacker to obtain sensitive information, caused by improper input validation by the backend applications response headers. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information, perform server-side request forgery attack or local script execution.
CVSS Base score: 5.9
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/296123 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N)
CVEID:CVE-2015-4000
**DESCRIPTION:**The TLS protocol could allow a remote attacker to obtain sensitive information, caused by the failure to properly convey a DHE_EXPORT ciphersuite choice. An attacker could exploit this vulnerability using man-in-the-middle techniques to force a downgrade to 512-bit export-grade cipher. Successful exploitation could allow an attacker to recover the session key as well as modify the contents of the traffic. This vulnerability is commonly referred to as “Logjam”.
CVSS Base score: 4.3
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/103294 for the current score.
CVSS Vector:
CVEID:CVE-2022-43852
**DESCRIPTION:**IBM Aspera Console could disclose sensitive information in HTTP headers that could be used in further attacks against the system.
CVSS Base score: 5.3
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/239228 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)
CVEID:CVE-2022-43847
**DESCRIPTION:**IBM Aspera Console is vulnerable to HTTP header injection, caused by improper validation of input by the HOST headers. This could allow an attacker to conduct various attacks against the vulnerable system, including cross-site scripting, cache poisoning or session hijacking.
CVSS Base score: 5.4
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/239168 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N)
CVEID:CVE-2024-38473
**DESCRIPTION:**Apache HTTP Server could allow a remote attacker to bypass security restrictions, caused by an encoding flaw in mod_proxy. By sending specially crafted requests with incorrect encoding an attacker could exploit this vulnerability to bypass authentication validation.
CVSS Base score: 5.3
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/296126 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N)
CVEID:CVE-2022-43845
**DESCRIPTION:**IBM Aspera Console could allow a remote attacker to obtain sensitive information, caused by the failure to set the HTTPOnly flag. A remote attacker could exploit this vulnerability to obtain sensitive information from the cookie.
CVSS Base score: 3.7
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/239166 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N)
CVEID:CVE-2024-40898
**DESCRIPTION:**Apache HTTP Server is vulnerable to server-side request forgery, caused by an error on Windows with mod_rewrite in server/vhost context. By sending a specially crafted request, an attacker could exploit this vulnerability to leak NTLM hashes to a malicious server.
CVSS Base score: 5.9
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/298127 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N)
Affected Products and Versions
| Affected Product(s) | Version(s) |
|---|---|
| IBM Aspera Console | 3.4.0 - 3.4.4 |
Remediation/Fixes
It is recommended that customers upgrade to the latest version of IBM Aspera Console:
| Product(s) | Fixing VRM | Platform | Link to Fix |
|---|---|---|---|
| IBM Aspera Console |
3.4.5
| Windows| click here
IBM Aspera Console|
3.4.5
| Linux| click here
Workarounds and Mitigations
None
Affected configurations
| Vendor | Product | Version | CPE |
|---|---|---|---|
| ibm | aspera_server_on_demand | 1.0 | cpe:2.3:a:ibm:aspera_server_on_demand:1.0:*:*:*:*:*:*:* |
| ibm | aspera_faspex | 1.0 | cpe:2.3:a:ibm:aspera_faspex:1.0:*:*:*:*:*:*:* |
| ibm | aspera_console | 3.4.2 | cpe:2.3:a:ibm:aspera_console:3.4.2:*:*:*:*:*:*:* |
| ibm | aspera_console | 7 | cpe:2.3:a:ibm:aspera_console:7:*:*:*:*:*:*:* |
| ibm | aspera_server_on_demand | 1.1 | cpe:2.3:a:ibm:aspera_server_on_demand:1.1:*:*:*:*:*:*:* |
Related
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:N/A:P
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
AI Score
Confidence
High
EPSS
Percentile
99.9%