FortiClient Vulnerability

Security Vulnerabilities fixed in IBM Aspera Faspex 4.4.2

Description

This Security Bulletin addresses security vulnerabilities that have been remediated in IBM Aspera Faspex 4.4.2 PL2.

Outbreak Alert

IBM Aspera Faspex could allow a remote attacker to execute code on the system, caused by a YAML deserialization flaw. By sending a specially crafted obsolete API call, an attacker could exploit this vulnerability to execute arbitrary code on the system.

View the full Outbreak Alert Report

Affected Applications

IBM Aspera Faspex

CVE References

CVE-2022-28330 CVE-2023-22868 CVE-2022-30556 CVE-2022-31813 CVE-2022-30522 CVE-2022-47986 CVE-2022-28615 CVE-2022-26377 CVE-2018-25032 CVE-2022-2068

Other References

https://www.ibm.com/support/pages/node/6952319

ID	4795
Created	Feb 18, 2023
Description Updated	Nov 03, 2023
Outbreak Alert	IBM Aspera Faspex Code Execution
Risk
Coverage	FortiClient
OS	Windows
Vendor	IBM
Patch	manual
Application	IBM Aspera Faspex

Protect

Detect

Respond

Recover

Identify

Network Security

Endpoint Security

Application Security

Security Operations

FortiClient Vulnerability

Security Vulnerabilities fixed in IBM Aspera Faspex 4.4.2

Description

Outbreak Alert

Affected Applications

CVE References

Other References

News/Research

Research Center

PSIRT Center

Services

By Outbreak

By Solution

By Product

Protect

Detect

Respond

Recover

Identify

Network Security

Endpoint Security

Application Security

Security Operations

Threat Intelligence Center

Resource Center

About

FortiGuard Labs

Partners

FortiClient Vulnerability

Security Vulnerabilities fixed in IBM Aspera Faspex 4.4.2

Description

Outbreak Alert

Affected Applications

CVE References

Other References

Threat Intelligence
Center