Unrated severity · NVD Advisory · Published Apr 14, 2022 · Updated Sep 16, 2024

CVE-2022-22391

Description

IBM Aspera High-Speed Transfer 4.3.1 and earlier could allow an authenticated user to obtain information from non-sensitive operating system files that they should not have access to. IBM X-Force ID: 222059.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Authenticated users of IBM Aspera High-Speed Transfer ≤4.3.1 can read non-sensitive OS files they should not access.

Vulnerability

IBM Aspera High-Speed Transfer Server and Endpoint versions 4.3.1 and earlier do not properly restrict access to certain operating system files. An authenticated user can leverage this flaw to read information from non-sensitive OS files that they should not have access to [1]. This affects both the server and endpoint components of the product.

Exploitation

The attacker must have valid authentication credentials for the Aspera High-Speed Transfer installation. With network access to the service, the attacker sends a crafted request that exploits the missing access control checks on non-sensitive operating system files, allowing them to read those files [1]. No additional privileges or user interaction beyond authentication is required.

Impact

Successful exploitation results in the disclosure of information contained in non-sensitive operating system files. The confidentiality impact is low, as only non-sensitive files are exposed. There is no impact on integrity or availability. The CVSS base score is 4.3 (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N) [1].

Mitigation

IBM released fixes in Aspera High-Speed Transfer Server version 4.3.2 and Aspera High-Speed Transfer Endpoint version 4.3.2 [1]. There are no workarounds documented. Users should upgrade to the fixed versions or later to remediate this vulnerability.

AI Insight generated on May 26, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.