CVE-2022-22497
First published: Tue May 24 2022(Updated: )
IBM Aspera Faspex 4.4.1 and 5.0.0 could allow unauthorized access due to an incorrectly computed security token. IBM X-Force ID: 226951.
Credit: psirt@us.ibm.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| IBM Aspera Faspex | =4.4.1 | |
| IBM Aspera Faspex | =5.0.0 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the vulnerability ID for IBM Aspera Faspex?
The vulnerability ID for IBM Aspera Faspex is CVE-2022-22497.
What is the severity of CVE-2022-22497?
The severity of CVE-2022-22497 is high with a severity value of 7.5.
Which versions of IBM Aspera Faspex are affected by CVE-2022-22497?
IBM Aspera Faspex versions 4.4.1 and 5.0.0 are affected by CVE-2022-22497.
How does IBM Aspera Faspex allow unauthorized access due to an incorrectly computed security token?
IBM Aspera Faspex allows unauthorized access due to an incorrectly computed security token, which can be exploited by attackers to gain unauthorized access to the system.
How can I fix the vulnerability in IBM Aspera Faspex?
To fix the vulnerability in IBM Aspera Faspex, it is recommended to upgrade to a fixed version or apply a patch provided by IBM.
- collector/nvd-index
- agent/author
- agent/type
- agent/severity
- agent/references
- agent/tags
- agent/event
- agent/description
- agent/remedy
- agent/last-modified-date
- agent/softwarecombine
- agent/first-publish-date
- collector/mitre-cve
- source/MITRE
- vendor/ibm
- canonical/ibm aspera faspex
- version/ibm aspera faspex/4.4.1
- version/ibm aspera faspex/5.0.0