Primary

Context

IBM Aspera Faspex Client-Side Security Enforcement Vulnerability Allowing Unauthorized Actions

Vulnerability

Patched

A vulnerability exists in IBM Aspera Faspex versions 5.0.0 through 5.0.12.1, allowing authenticated users to perform unauthorized actions. This issue arises from client-side enforcement of server-side security mechanisms.

Impact

Exploitation of this vulnerability could lead to unauthorized actions being performed by authenticated users.

Remediation

Users are advised to upgrade to IBM Aspera Faspex version 5.0.13, available through the IBM Update Catalog.

Added: Jul 31, 2025, 12:27 AM

Updated: Jul 31, 2025, 12:27 AM

Vulnerability Rating

Custom Algorithm

spread

1.9

impact

2.5

exploitability

5.2

remediation

7.7

relevance

0.3

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

1.9

impact

2.5

exploitability

5.2

remediation

7.7

relevance

0.3

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

IBM Aspera Faspex Client-Side Security Enforcement Vulnerability Allowing Unauthorized Actions

Vulnerability

Impact

Remediation

Affected Products

IBM Aspera Faspex

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating