Primary

Context

IBM Aspera Faspex Inconsistent Permissions Vulnerability Allowing Misuse

Vulnerability

Patched

A vulnerability in IBM Aspera Faspex versions 5.0.0 through 5.0.14.1 may lead to inconsistent permissions between the user interface and backend API. This discrepancy could allow users to access features that appear disabled, potentially resulting in misuse.

Impact

Exploitation of this vulnerability could lead to unauthorized access to features, creating opportunities for misuse of the application.

Remediation

Users are advised to upgrade to IBM Aspera Faspex version 5.0.14.2, available for download from the IBM Support Fix Central.

Added: Dec 26, 2025, 3:23 PM

Updated: Dec 26, 2025, 3:23 PM

Vulnerability Rating

Custom Algorithm

spread

1.9

impact

0.6

exploitability

5.2

remediation

7.7

relevance

1.6

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

1.9

impact

0.6

exploitability

5.2

remediation

7.7

relevance

1.6

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

IBM Aspera Faspex Inconsistent Permissions Vulnerability Allowing Misuse

Vulnerability

Impact

Remediation

Affected Products

IBM Aspera Faspex

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating