Search criteria
2 vulnerabilities found for Aspera faspio Gateway by IBM
CVE-2025-14480 (GCVE-0-2025-14480)
Vulnerability from nvd – Published: 2026-03-03 20:41 – Updated: 2026-03-03 21:29
VLAI
Title
IBM Aspera faspio Gateway 1.3.7 has addressed a vulnerability affected by weak cryptographic algorithms
Summary
IBM Aspera faspio Gateway 1.3.6 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information
Severity
5.1 (Medium)
CWE
- CWE-327 - Use of a Broken or Risky Cryptographic Algorithm
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://www.ibm.com/support/pages/node/7261491 | vendor-advisorypatch |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| IBM | Aspera faspio Gateway |
Affected:
1.3.6 , ≤ 11.7.1.6
(semver)
cpe:2.3:a:ibm:aspera_faspio_gateway:1.3.6:*:*:*:*:*:*:* |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-14480",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-03-03T21:29:44.383335Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-03-03T21:29:50.964Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"cpes": [
"cpe:2.3:a:ibm:aspera_faspio_gateway:1.3.6:*:*:*:*:*:*:*"
],
"product": "Aspera faspio Gateway",
"vendor": "IBM",
"versions": [
{
"lessThanOrEqual": "11.7.1.6",
"status": "affected",
"version": "1.3.6",
"versionType": "semver"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eIBM Aspera faspio Gateway 1.3.6 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information\u003c/p\u003e"
}
],
"value": "IBM Aspera faspio Gateway 1.3.6 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information"
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 5.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-327",
"description": "CWE-327 Use of a Broken or Risky Cryptographic Algorithm",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-03-03T20:41:15.560Z",
"orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"shortName": "ibm"
},
"references": [
{
"tags": [
"vendor-advisory",
"patch"
],
"url": "https://www.ibm.com/support/pages/node/7261491"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eIt is recommended to apply the fix as soon as possible, see links below. Product(s) Fixing VRM Platform Link to Fix IBM Aspera faspio Gateway 1.3.7 Windows click here IBM Aspera faspio Gateway 1.3.7 Linux zSeries click here IBM Aspera faspio Gateway 1.3.7 Linux PPC click here IBM Aspera faspio Gateway 1.3.7 Mac OSX click here IBM Aspera faspio Gateway 1.3.7 Linux click here\u003c/p\u003e"
}
],
"value": "It is recommended to apply the fix as soon as possible, see links below. Product(s) Fixing VRM Platform Link to Fix IBM Aspera faspio Gateway 1.3.7 Windows click here IBM Aspera faspio Gateway 1.3.7 Linux zSeries click here IBM Aspera faspio Gateway 1.3.7 Linux PPC click here IBM Aspera faspio Gateway 1.3.7 Mac OSX click here IBM Aspera faspio Gateway 1.3.7 Linux click here"
}
],
"title": "IBM Aspera faspio Gateway 1.3.7 has addressed a vulnerability affected by weak cryptographic algorithms",
"x_generator": {
"engine": "ibm-cvegen"
}
}
},
"cveMetadata": {
"assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"assignerShortName": "ibm",
"cveId": "CVE-2025-14480",
"datePublished": "2026-03-03T20:41:15.560Z",
"dateReserved": "2025-12-10T19:01:25.676Z",
"dateUpdated": "2026-03-03T21:29:50.964Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-14480 (GCVE-0-2025-14480)
Vulnerability from cvelistv5 – Published: 2026-03-03 20:41 – Updated: 2026-03-03 21:29
VLAI
Title
IBM Aspera faspio Gateway 1.3.7 has addressed a vulnerability affected by weak cryptographic algorithms
Summary
IBM Aspera faspio Gateway 1.3.6 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information
Severity
5.1 (Medium)
CWE
- CWE-327 - Use of a Broken or Risky Cryptographic Algorithm
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://www.ibm.com/support/pages/node/7261491 | vendor-advisorypatch |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| IBM | Aspera faspio Gateway |
Affected:
1.3.6 , ≤ 11.7.1.6
(semver)
cpe:2.3:a:ibm:aspera_faspio_gateway:1.3.6:*:*:*:*:*:*:* |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-14480",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-03-03T21:29:44.383335Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-03-03T21:29:50.964Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"cpes": [
"cpe:2.3:a:ibm:aspera_faspio_gateway:1.3.6:*:*:*:*:*:*:*"
],
"product": "Aspera faspio Gateway",
"vendor": "IBM",
"versions": [
{
"lessThanOrEqual": "11.7.1.6",
"status": "affected",
"version": "1.3.6",
"versionType": "semver"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eIBM Aspera faspio Gateway 1.3.6 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information\u003c/p\u003e"
}
],
"value": "IBM Aspera faspio Gateway 1.3.6 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information"
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 5.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-327",
"description": "CWE-327 Use of a Broken or Risky Cryptographic Algorithm",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-03-03T20:41:15.560Z",
"orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"shortName": "ibm"
},
"references": [
{
"tags": [
"vendor-advisory",
"patch"
],
"url": "https://www.ibm.com/support/pages/node/7261491"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eIt is recommended to apply the fix as soon as possible, see links below. Product(s) Fixing VRM Platform Link to Fix IBM Aspera faspio Gateway 1.3.7 Windows click here IBM Aspera faspio Gateway 1.3.7 Linux zSeries click here IBM Aspera faspio Gateway 1.3.7 Linux PPC click here IBM Aspera faspio Gateway 1.3.7 Mac OSX click here IBM Aspera faspio Gateway 1.3.7 Linux click here\u003c/p\u003e"
}
],
"value": "It is recommended to apply the fix as soon as possible, see links below. Product(s) Fixing VRM Platform Link to Fix IBM Aspera faspio Gateway 1.3.7 Windows click here IBM Aspera faspio Gateway 1.3.7 Linux zSeries click here IBM Aspera faspio Gateway 1.3.7 Linux PPC click here IBM Aspera faspio Gateway 1.3.7 Mac OSX click here IBM Aspera faspio Gateway 1.3.7 Linux click here"
}
],
"title": "IBM Aspera faspio Gateway 1.3.7 has addressed a vulnerability affected by weak cryptographic algorithms",
"x_generator": {
"engine": "ibm-cvegen"
}
}
},
"cveMetadata": {
"assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"assignerShortName": "ibm",
"cveId": "CVE-2025-14480",
"datePublished": "2026-03-03T20:41:15.560Z",
"dateReserved": "2025-12-10T19:01:25.676Z",
"dateUpdated": "2026-03-03T21:29:50.964Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}