How severe is CVE-2025-36228?

CVE-2025-36228 has a CVSS v3 score of 3.8 (LOW).

CVE-2025-36228

Name: aspera_faspex
Author: ibm

3.8LOW

IBM Aspera Faspex 5 5.0.0 through 5.0.14.1 may allow inconsistent permissions between the user interface and backend API allowed users to access features that appeared disabled, potentially leading to

Published: 12/26/2025Updated: 12/29/2025

Description

IBM Aspera Faspex 5 5.0.0 through 5.0.14.1 may allow inconsistent permissions between the user interface and backend API allowed users to access features that appeared disabled, potentially leading to misuse.

AI AnalysisPowered by AI

Affected Products

ibmaspera_faspex

References

https://www.ibm.com/support/pages/node/7255331
Vendor Advisory