CVE-2025-33137
published 2025-05-22CVE-2025-33137: IBM Aspera Faspex 5.0.0 through 5.0.12 could allow an authenticated user to obtain sensitive information or perform unauthorized actions on behalf of another…
high8.8CVSS 3.1
AVNACLPRLUINSUCHIHAH
IBM Aspera Faspex 5.0.0 through 5.0.12 could allow an authenticated user to obtain sensitive information or perform unauthorized actions on behalf of another user due to client-side enforcement of server-side security.
Affected
2 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| ibm | aspera_faspex | >= 5.0.0 < 5.0.12.1 | 5.0.12.1 |
| ibm | aspera_faspex | 5.0.0 – 5.0.12 | — |