Unrated severityNVD Advisory· Published Oct 9, 2025· Updated Oct 9, 2025
IBM Aspera Faspex cross-origin resource sharing
CVE-2023-37401
Description
IBM Aspera Faspex 5.0.0 through 5.0.13.1 uses a cross-domain policy file that includes domains that should not be trusted.
Affected products
2- IBM/Aspera Faspexv5cpe:2.3:a:ibm:aspera_faspex:5.0.0.0:*:*:*:*:*:*:*Range: 5.0.0
- Range: >=5.0.0 <=5.0.13.1
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
1- www.ibm.com/support/pages/node/7247502mitrevendor-advisorypatch
News mentions
0No linked articles in our index yet.