Vulnerability Details CVE-2025-36228
IBM Aspera Faspex 5 5.0.0 through 5.0.14.1 may allow inconsistent permissions between the user interface and backend API allowed users to access features that appeared disabled, potentially leading to misuse.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.0
EPSS Ranking 3.4%
CVSS Severity
CVSS v3 Score 3.8
Products affected by CVE-2025-36228
-
cpe:2.3:a:ibm:aspera_faspex:5.0.0
-
cpe:2.3:a:ibm:aspera_faspex:5.0.1
-
cpe:2.3:a:ibm:aspera_faspex:5.0.10
-
cpe:2.3:a:ibm:aspera_faspex:5.0.10.1
-
cpe:2.3:a:ibm:aspera_faspex:5.0.10.2
-
cpe:2.3:a:ibm:aspera_faspex:5.0.11
-
cpe:2.3:a:ibm:aspera_faspex:5.0.11.1
-
cpe:2.3:a:ibm:aspera_faspex:5.0.11.2
-
cpe:2.3:a:ibm:aspera_faspex:5.0.12
-
cpe:2.3:a:ibm:aspera_faspex:5.0.12.1
-
cpe:2.3:a:ibm:aspera_faspex:5.0.13
-
cpe:2.3:a:ibm:aspera_faspex:5.0.13.1
-
cpe:2.3:a:ibm:aspera_faspex:5.0.14
-
cpe:2.3:a:ibm:aspera_faspex:5.0.14.1
-
cpe:2.3:a:ibm:aspera_faspex:5.0.2
-
cpe:2.3:a:ibm:aspera_faspex:5.0.3
-
cpe:2.3:a:ibm:aspera_faspex:5.0.4
-
cpe:2.3:a:ibm:aspera_faspex:5.0.4.1
-
cpe:2.3:a:ibm:aspera_faspex:5.0.4.2
-
cpe:2.3:a:ibm:aspera_faspex:5.0.5
-
cpe:2.3:a:ibm:aspera_faspex:5.0.5.1
-
cpe:2.3:a:ibm:aspera_faspex:5.0.5.3
-
cpe:2.3:a:ibm:aspera_faspex:5.0.6
-
cpe:2.3:a:ibm:aspera_faspex:5.0.6.1
-
cpe:2.3:a:ibm:aspera_faspex:5.0.6.2
-
cpe:2.3:a:ibm:aspera_faspex:5.0.7
-
cpe:2.3:a:ibm:aspera_faspex:5.0.8
-
cpe:2.3:a:ibm:aspera_faspex:5.0.9