CVE-2025-33136

CWE-4713 documents3 sources
Severity
8.8HIGH
EPSS
0.2%
top 56.44%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
IBM Aspera Faspex
Timeline
PublishedMay 22

Description

IBM Aspera Faspex 5.0.0 through 5.0.12 could allow an authenticated user to obtain sensitive information or perform unauthorized actions on behalf of another user due to improper protection of assumed immutable data.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:NExploitability: 2.8 | Impact: 4.2

Affected Packages2 packages

NVDibm/aspera_faspex5.0.05.0.12.1
CVEListV5ibm/aspera_faspex5.0.05.0.12

🔴Vulnerability Details

2
GHSA
GHSA-3wc3-w43j-x6wh: IBM Aspera Faspex 52025-05-22
CVEList
IBM Aspera Faspex data modification2025-05-22
CVE-2025-33136 (HIGH CVSS 8.8) | IBM Aspera Faspex 5.0.0 through 5.0 | cvebase.io