CVE-2022-43842

Name of the Vulnerable Software and Affected Versions IBM Aspera Console versions 3.4.0 through 3.4.2

Description The issue allows a remote attacker to send specially crafted SQL statements, which could enable the attacker to view, add, modify, or delete information in the back-end database. This is due to a SQL injection vulnerability.

Recommendations For IBM Aspera Console versions 3.4.0 through 3.4.2, update to a version that is not affected by this issue. At the moment, there is no information about a newer version that contains a fix for this vulnerability. As a temporary workaround, consider restricting access to the database to minimize the risk of exploitation.