CVE-2022-43847
Published: 14 April 2025
Summary
CVE-2022-43847 is a medium-severity Improper Neutralization of HTTP Headers for Scripting Syntax (CWE-644) vulnerability in Ibm Aspera Console. Its CVSS base score is 5.4 (Medium).
Operationally, ranked at the 43.7th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog.
EU & UK References
- 🇪🇺 ENISA EUVD: EUVD-2022-46817
Vulnerability details
IBM Aspera Console 3.4.0 through 3.4.4 is vulnerable to HTTP header injection, caused by improper validation of input by the HOST headers. This could allow an attacker to conduct various attacks against the vulnerable system, including cross-site scripting, cache poisoning…
more
or session hijacking.
- CWE(s)
Related Threats
No named actor attribution yet. ATT&CK technique mapping in progress for this CVE.
Affected Assets
Mitigating Controls
No mitigating controls mapped yet. The per-CVE control annotator has not reached this CVE.