CVE-2025-13460
published 2026-03-16CVE-2025-13460: IBM Aspera Console 3.3.0 through 3.4.8 could allow an attacker to enumerate usernames due to an observable response discrepancy.
medium5.3CVSS 3.1
AVNACLPRNUINSUCLINAN
IBM Aspera Console 3.3.0 through 3.4.8 could allow an attacker to enumerate usernames due to an observable response discrepancy.
Affected
2 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| ibm | aspera_console | >= 3.3.0 < 3.4.9 | 3.4.9 |
| ibm | aspera_console | 3.3.0 – 3.4.8 | — |