CVE-2025-13481
published 2025-12-11CVE-2025-13481: IBM Aspera Orchestrator 4.0.0 through 4.1.0 could allow an authenticated user to execute arbitrary commands with elevated privileges on the system due to…
high8.8CVSS 3.1
AVNACLPRLUINSUCHIHAH
IBM Aspera Orchestrator 4.0.0 through 4.1.0 could allow an authenticated user to execute arbitrary commands with elevated privileges on the system due to improper validation of user supplied input.
Affected
2 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| ibm | aspera_orchestrator | >= 4.0.0 < 4.1.1 | 4.1.1 |
| ibm | aspera_orchestrator | 4.0.0 – 4.1.0 | — |