122 matches found
Security Bulletin: Multiple OpenSSL vulnerabilities affect IBM Aspera Shares 1.9.4 or earlier and IBM Aspera Console 3.0.6 or earlier
Question Security Bulletin: Multiple OpenSSL vulnerabilities affect IBM Aspera Shares 1.9.4 or earlier and IBM Aspera Console 3.0.6 or earlier "Business Unit":"code":"BU059","label":"IBM Software w/o TPS","Product":"code":"SS8NDZ","label":"IBM...
Security Bulletin: Multiple vulnerabilities in IBM Aspera Console
Summary Multiple vulnerabilities were addressed in IBM Aspera Console version 3.4.10 Vulnerability Details CVEID:CVE-2026-26961 DESCRIPTION: Rack is a modular Ruby web server interface. Prior to versions 2.2.23, 3.1.21, and 3.2.6, Rack::Multipart::Parser extracts the boundary parameter from...
CVE-2025-13460
IBM Aspera Console 3.3.0 through 3.4.8 could allow an attacker to enumerate usernames due to an observable response discrepancy...
IBM Aspera Console Denial of Service Vulnerability (CNVD-2026-19449)
IBM Aspera Console is a Web-based application from International Business Machines IBM. Allows users to centrally manage, monitor and control Aspera servers nodes and transports. A denial of service vulnerability exists in IBM Aspera Console, which can be exploited by an attacker to cause a denia...
EUVD-2025-208657
IBM Aspera Console 3.3.0 through 3.4.8 could allow an authenticated user to cause a denial of service in the email service due to improper control of interaction frequency...
CVE-2025-13459
IBM Aspera Console 3.3.0 through 3.4.8 could allow a privileged user to cause a denial of service due to improper enforcement of behavioral workflow...
IBM Aspera Console 安全漏洞
IBM Aspera Console is a Web-based application from International Business Machines IBM. Allows users to centrally manage, monitor and control Aspera servers nodes and transports. An information disclosure vulnerability exists in IBM Aspera Console, which can be exploited by an attacker to enumera...
CVE-2025-13212 IBM Aspera Console Denial of Service
IBM Aspera Console 3.3.0 through 3.4.8 could allow an authenticated user to cause a denial of service in the email service due to improper control of interaction frequency...
CVE-2025-13212
CVE-2025-13212 affects IBM Aspera Console versions 3.3.0–3.4.8, where an authenticated user can induce a denial of service in the email service due to improper control of interaction frequency (CWE-799). The Red Hat and CVE lists corroborate this DoS impact; IBM’s advisory confirms the affected r...
CVE-2025-13212
IBM Aspera Console 3.3.0 through 3.4.8 could allow an authenticated user to cause a denial of service in the email service due to improper control of interaction frequency...
CVE-2025-13212 IBM Aspera Console Denial of Service
IBM Aspera Console 3.3.0 through 3.4.8 could allow an authenticated user to cause a denial of service in the email service due to improper control of interaction frequency...
CVE-2025-13459 IBM Aspera Console Denial of Service
IBM Aspera Console 3.3.0 through 3.4.8 could allow a privileged user to cause a denial of service due to improper enforcement of behavioral workflow...
CVE-2025-13460 IBM Aspera Console Information Disclosure
IBM Aspera Console 3.3.0 through 3.4.8 could allow an attacker to enumerate usernames due to an observable response discrepancy...
CVE-2025-13460 IBM Aspera Console Information Disclosure
IBM Aspera Console 3.3.0 through 3.4.8 could allow an attacker to enumerate usernames due to an observable response discrepancy...
PT-2026-25368
CVE-2025-13212 IBM Aspera Console 3.3.0 through 3.4.8 could allow an authenticated user to cause a denial of service in the email service due to improper control of interaction freq… https://t.co/nwziIco8rT...
PT-2026-25370
CVE-2025-13460 IBM Aspera Console 3.3.0 through 3.4.8 could allow an attacker to enumerate usernames due to an observable response discrepancy. https://t.co/sTiAd3lLOs...
Security Bulletin: Multiple vulnerabilities in IBM Aspera Console
Summary Multiple vulnerabilities were addressed in IBM Aspera Console version 3.4.9 Vulnerability Details CVEID:CVE-2025-13459 DESCRIPTION: IBM Aspera Console could allow a privileged user to cause a denial of service due to improper enforcement of behavioral workflow. CWE:CWE-841: Improper...
CVE-2025-13379
IBM Aspera Console 3.4.0 through 3.4.8 is vulnerable to SQL injection. A remote attacker could send specially crafted SQL statements, which could allow the attacker to view, add, modify, or delete information in the back-end database...
CVE-2025-13379 A SQL Injection vulnerability has been addressed in IBM Aspera Console
IBM Aspera Console 3.4.0 through 3.4.8 is vulnerable to SQL injection. A remote attacker could send specially crafted SQL statements, which could allow the attacker to view, add, modify, or delete information in the back-end database...
PT-2026-6553
Name of the Vulnerable Software and Affected Versions IBM Aspera Console versions 3.4.0 through 3.4.8 Description The software is susceptible to a SQL injection issue. A remote attacker could potentially send crafted SQL statements to access, modify, or delete data within the back-end database. T...