CVE-2025-36225

Summary

IBM Aspera 5.0.0 through 5.0.13.1

could disclose sensitive user information from the system to an authenticated user due to an observable discrepancy of returned data.

Affected Software

VendorProductVersion RangeStatus
IBMAspera Faspex5.0.0 <= 5.0.13.1affected

Weaknesses

  • CWE-203: CWE-203 Observable Discrepancy

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References