IBM Aspera Faspex
Moderate fix1 remedy
cpe:2.3:a:ibm:aspera_faspex:*:*:*:*:*:*:*
Moderate fix1 remedy
- >= 5.0.0, <= 5.0.12.1
IBM Aspera Faspex Client-Side Security Enforcement Vulnerability Allowing Unauthorized Actions
Vulnerability
Patched
A vulnerability exists in IBM Aspera Faspex versions 5.0.0 through 5.0.12.1, allowing authenticated users to perform unauthorized actions. This issue arises from client-side enforcement of server-side security mechanisms, creating a potential for misuse.
Impact
Exploitation of this vulnerability could lead to unauthorized actions being performed by authenticated users within the Aspera Faspex application.
Remediation
Users are advised to upgrade to IBM Aspera Faspex version 5.0.13, available through the IBM Support Fix Central.
Added: Jul 31, 2025, 12:25 AM
Updated: Jul 31, 2025, 12:25 AM
Vulnerability Rating
Custom Algorithm
spread
1.9impact
2.5exploitability
5.2remediation
7.7relevance
0.3threat
0.0urgency
2.9incentive
1.7Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.