Primary

Context

IBM Aspera Faspex Denial-of-Service Vulnerability via Improperly Validated API Input

Vulnerability

Patched

A denial-of-service vulnerability has been identified in IBM Aspera Faspex versions 5.0.0 through 5.0.13.1. This issue allows a privileged user to cause excessive resource consumption, leading to a denial-of-service condition. The vulnerability arises from improperly validated API input, which can be exploited to consume resources disproportionately.

Impact

Exploitation of this vulnerability can lead to excessive resource consumption, causing a denial-of-service condition on the affected system.

Remediation

Users are advised to upgrade to IBM Aspera Faspex version 5.0.14, available through the IBM Update Catalog.

Added: Oct 9, 2025, 2:19 PM

Updated: Oct 9, 2025, 3:57 PM

Vulnerability Rating

Custom Algorithm

spread

1.9

impact

2.5

exploitability

4.8

remediation

7.7

relevance

0.7

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

1.9

impact

2.5

exploitability

4.8

remediation

7.7

relevance

0.7

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

IBM Aspera Faspex Denial-of-Service Vulnerability via Improperly Validated API Input

Vulnerability

Impact

Remediation

Affected Products

IBM Aspera Faspex

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating