Lucene search
+L

4 matches found

redhatcve
redhatcve
added 2025/05/24 5:18 p.m.23 views

CVE-2025-33137

IBM Aspera Faspex 5.0.0 through 5.0.12 could allow an authenticated user to obtain sensitive information or perform unauthorized actions on behalf of another user due to client-side enforcement of server-side security...

8.8CVSS6.1AI score0.00287EPSS
Exploits0References1
cve
cve
added 2025/05/22 4:36 p.m.69 views

CVE-2025-33137

Affected product: IBM Aspera Faspex 5 (versions 5.0.0–5.0.12). Vulnerability cause: client-side enforcement of server-side security enables an authenticated user to access sensitive information or perform actions on behalf of another user. Impact: potential disclosure of sensitive data and unauth...

8.8CVSS6.6AI score0.00287EPSS
Exploits0References1Affected Software1
cvelist
cvelist
added 2025/05/22 4:36 p.m.24 views

CVE-2025-33137 IBM Aspera Faspex data modification

IBM Aspera Faspex 5.0.0 through 5.0.12 could allow an authenticated user to obtain sensitive information or perform unauthorized actions on behalf of another user due to client-side enforcement of server-side security...

7.1CVSS0.00287EPSS
Exploits0References1
ibm
ibm
added 2025/05/21 5:36 p.m.17 views

Security Bulletin: IBM Aspera Faspex is affected by user input sanitization and HTML injection vulnerabilities

Summary IBM Aspera Faspex has addressed input sanitization and HTML injection vulnerabilities CVE-2025-33137, CVE-2025-33136, CVE-2025-33138 Vulnerability Details CVEID:CVE-2025-33137 DESCRIPTION: IBM Aspera Faspex 5 could allow an authenticated user to obtain sensitive information or perform...

8.8CVSS6.7AI score0.00287EPSS
Exploits0Affected Software6
Rows per page
Query Builder