CNNVD-202512-4837 Information

CNNVD ID

CNNVD-202512-4837

Related CVE

CVE-2025-36228

• CNNVD Published: 2025-12-26

Description (Chinese)

IBM Aspera Faspex是美国国际商业机器（IBM）公司的一种用于快速的全球个人对个人文件交付和协作的解决方案。 IBM Aspera Faspex 5 5.0.14.1及之前版本存在安全漏洞，该漏洞源于用户界面和后端API之间权限不一致，可能导致用户访问看似禁用的功能。

Description (English)

IBM Aspera Faspex is a solution for fast-tracking individual-to-personal document delivery and collaboration by the United States International Business Machine (IBM). There is a security gap in IBM Aspera Faspex 5 5.0.14.1 and earlier versions, which results from inconsistent privileges between the user interface and the back-end API, which may lead to users accessing seemingly disabled functions.

Hazard Level

Critical

Vulnerability Type

其他

Affected Vendor

国际商业机器

Published

2025-12-26

Last Modified

2026-02-24

References

https://www.ibm.com/support/pages/node/7255331 https://access.redhat.com/security/cve/cve-2025-36228

Patch

https://www.ibm.com/support/pages/node/7255331