CVE-2025-33137

CWE-6023 documents3 sources
Severity
8.8HIGH
EPSS
0.2%
top 56.44%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
IBM Aspera Faspex
Timeline
PublishedMay 22

Description

IBM Aspera Faspex 5.0.0 through 5.0.12 could allow an authenticated user to obtain sensitive information or perform unauthorized actions on behalf of another user due to client-side enforcement of server-side security.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:NExploitability: 2.8 | Impact: 4.2

Affected Packages2 packages

NVDibm/aspera_faspex5.0.05.0.12.1
CVEListV5ibm/aspera_faspex5.0.05.0.12

🔴Vulnerability Details

2
CVEList
IBM Aspera Faspex data modification2025-05-22
GHSA
GHSA-w6gx-hfp5-rmhr: IBM Aspera Faspex 52025-05-22
CVE-2025-33137 (HIGH CVSS 8.8) | IBM Aspera Faspex 5.0.0 through 5.0 | cvebase.io