Search

Find a vulnerability

Search criteria

    2 vulnerabilities found for Aspera faspio Gateway by IBM

    CVE-2025-14480 (GCVE-0-2025-14480)

    Vulnerability from nvd – Published: 2026-03-03 20:41 – Updated: 2026-03-03 21:29
    VLAI
    Title
    IBM Aspera faspio Gateway 1.3.7 has addressed a vulnerability affected by weak cryptographic algorithms
    Summary
    IBM Aspera faspio Gateway 1.3.6 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-327 - Use of a Broken or Risky Cryptographic Algorithm
    Assigner
    ibm
    References
    URL Tags
    https://www.ibm.com/support/pages/node/7261491 vendor-advisorypatch
    Impacted products
    Vendor Product Version
    IBM Aspera faspio Gateway Affected: 1.3.6 , ≤ 11.7.1.6 (semver)
        cpe:2.3:a:ibm:aspera_faspio_gateway:1.3.6:*:*:*:*:*:*:*
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-14480",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-03-03T21:29:44.383335Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-03-03T21:29:50.964Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "cpes": [
                "cpe:2.3:a:ibm:aspera_faspio_gateway:1.3.6:*:*:*:*:*:*:*"
              ],
              "product": "Aspera faspio Gateway",
              "vendor": "IBM",
              "versions": [
                {
                  "lessThanOrEqual": "11.7.1.6",
                  "status": "affected",
                  "version": "1.3.6",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cp\u003eIBM Aspera faspio Gateway 1.3.6 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information\u003c/p\u003e"
                }
              ],
              "value": "IBM Aspera faspio Gateway 1.3.6 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information"
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "HIGH",
                "attackVector": "LOCAL",
                "availabilityImpact": "NONE",
                "baseScore": 5.1,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-327",
                  "description": "CWE-327 Use of a Broken or Risky Cryptographic Algorithm",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-03-03T20:41:15.560Z",
            "orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
            "shortName": "ibm"
          },
          "references": [
            {
              "tags": [
                "vendor-advisory",
                "patch"
              ],
              "url": "https://www.ibm.com/support/pages/node/7261491"
            }
          ],
          "solutions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cp\u003eIt is recommended to apply the fix as soon as possible, see links below. Product(s) Fixing VRM Platform Link to Fix IBM Aspera faspio Gateway 1.3.7 Windows click here IBM Aspera faspio Gateway 1.3.7 Linux zSeries click here IBM Aspera faspio Gateway 1.3.7 Linux PPC click here IBM Aspera faspio Gateway 1.3.7 Mac OSX click here IBM Aspera faspio Gateway 1.3.7 Linux click here\u003c/p\u003e"
                }
              ],
              "value": "It is recommended to apply the fix as soon as possible, see links below. Product(s) Fixing VRM Platform Link to Fix IBM Aspera faspio Gateway 1.3.7 Windows click here IBM Aspera faspio Gateway 1.3.7 Linux zSeries click here IBM Aspera faspio Gateway 1.3.7 Linux PPC click here IBM Aspera faspio Gateway 1.3.7 Mac OSX click here IBM Aspera faspio Gateway 1.3.7 Linux click here"
            }
          ],
          "title": "IBM Aspera faspio Gateway 1.3.7 has addressed a vulnerability affected by weak cryptographic algorithms",
          "x_generator": {
            "engine": "ibm-cvegen"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
        "assignerShortName": "ibm",
        "cveId": "CVE-2025-14480",
        "datePublished": "2026-03-03T20:41:15.560Z",
        "dateReserved": "2025-12-10T19:01:25.676Z",
        "dateUpdated": "2026-03-03T21:29:50.964Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2025-14480 (GCVE-0-2025-14480)

    Vulnerability from cvelistv5 – Published: 2026-03-03 20:41 – Updated: 2026-03-03 21:29
    VLAI
    Title
    IBM Aspera faspio Gateway 1.3.7 has addressed a vulnerability affected by weak cryptographic algorithms
    Summary
    IBM Aspera faspio Gateway 1.3.6 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-327 - Use of a Broken or Risky Cryptographic Algorithm
    Assigner
    ibm
    References
    URL Tags
    https://www.ibm.com/support/pages/node/7261491 vendor-advisorypatch
    Impacted products
    Vendor Product Version
    IBM Aspera faspio Gateway Affected: 1.3.6 , ≤ 11.7.1.6 (semver)
        cpe:2.3:a:ibm:aspera_faspio_gateway:1.3.6:*:*:*:*:*:*:*
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-14480",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-03-03T21:29:44.383335Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-03-03T21:29:50.964Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "cpes": [
                "cpe:2.3:a:ibm:aspera_faspio_gateway:1.3.6:*:*:*:*:*:*:*"
              ],
              "product": "Aspera faspio Gateway",
              "vendor": "IBM",
              "versions": [
                {
                  "lessThanOrEqual": "11.7.1.6",
                  "status": "affected",
                  "version": "1.3.6",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cp\u003eIBM Aspera faspio Gateway 1.3.6 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information\u003c/p\u003e"
                }
              ],
              "value": "IBM Aspera faspio Gateway 1.3.6 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information"
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "HIGH",
                "attackVector": "LOCAL",
                "availabilityImpact": "NONE",
                "baseScore": 5.1,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-327",
                  "description": "CWE-327 Use of a Broken or Risky Cryptographic Algorithm",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-03-03T20:41:15.560Z",
            "orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
            "shortName": "ibm"
          },
          "references": [
            {
              "tags": [
                "vendor-advisory",
                "patch"
              ],
              "url": "https://www.ibm.com/support/pages/node/7261491"
            }
          ],
          "solutions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cp\u003eIt is recommended to apply the fix as soon as possible, see links below. Product(s) Fixing VRM Platform Link to Fix IBM Aspera faspio Gateway 1.3.7 Windows click here IBM Aspera faspio Gateway 1.3.7 Linux zSeries click here IBM Aspera faspio Gateway 1.3.7 Linux PPC click here IBM Aspera faspio Gateway 1.3.7 Mac OSX click here IBM Aspera faspio Gateway 1.3.7 Linux click here\u003c/p\u003e"
                }
              ],
              "value": "It is recommended to apply the fix as soon as possible, see links below. Product(s) Fixing VRM Platform Link to Fix IBM Aspera faspio Gateway 1.3.7 Windows click here IBM Aspera faspio Gateway 1.3.7 Linux zSeries click here IBM Aspera faspio Gateway 1.3.7 Linux PPC click here IBM Aspera faspio Gateway 1.3.7 Mac OSX click here IBM Aspera faspio Gateway 1.3.7 Linux click here"
            }
          ],
          "title": "IBM Aspera faspio Gateway 1.3.7 has addressed a vulnerability affected by weak cryptographic algorithms",
          "x_generator": {
            "engine": "ibm-cvegen"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
        "assignerShortName": "ibm",
        "cveId": "CVE-2025-14480",
        "datePublished": "2026-03-03T20:41:15.560Z",
        "dateReserved": "2025-12-10T19:01:25.676Z",
        "dateUpdated": "2026-03-03T21:29:50.964Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }