CVE-2025-33136
published 2025-05-22CVE-2025-33136: IBM Aspera Faspex 5.0.0 through 5.0.12 could allow an authenticated user to obtain sensitive information or perform unauthorized actions on behalf of another…
high8.8CVSS 3.1
AVNACLPRLUINSUCHIHAH
IBM Aspera Faspex 5.0.0 through 5.0.12 could allow an authenticated user to obtain sensitive information or perform unauthorized actions on behalf of another user due to improper protection of assumed immutable data.
Affected
2 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| ibm | aspera_faspex | >= 5.0.0 < 5.0.12.1 | 5.0.12.1 |
| ibm | aspera_faspex | 5.0.0 – 5.0.12 | — |