CVE-2025-33136
7.1
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N
Summary
IBM Aspera Faspex 5.0.0 through 5.0.12 could allow an authenticated user to obtain sensitive information or perform unauthorized actions on behalf of another user due to improper protection of assumed immutable data.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| IBM | Aspera Faspex | 5.0.0 <= 5.0.12 | affected |
Weaknesses
- CWE-471: CWE-471 Modification of Assumed-Immutable Data (MAID)
ADP Enrichment
CISA ADP Vulnrichment
- SSVC:
- Exploitation: none
- Automatable: no
- Technical Impact: partial
References
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.