CNNVD-202512-2113 Information
Dec 11, 2025
cve
CNNVD ID
CNNVD-202512-2113
Related CVE
- CNNVD Published: 2025-12-11
Description (Chinese)
IBM Aspera Orchestrator是美国国际商业机器(IBM)公司的一个基于 Web 的应用程序。可为数据驱动型企业提供高效的文件处理管道。 IBM Aspera Orchestrator 4.0.0版本至4.1.0版本存在安全漏洞,该漏洞源于允许认证用户未经授权更改其他用户密码。
Description (English)
IBM Aspera Orchestra is a Web-based application of IBM. Efficient document-processing conduits can be provided for data-driven enterprises. There is a security gap between IBM Aspera Orchestra, Versions 4.0.0 to 4.1.0, which stems from allowing authentication users to change other user passwords without authorization.
Hazard Level
Medium
Vulnerability Type
其他
Affected Vendor
国际商业机器
Published
2025-12-11
Last Modified
2026-02-24
References
https://www.ibm.com/support/pages/node/7254434
Patch
https://www.ibm.com/support/pages/node/7254434
Share on: