Medium severity6.3NVD Advisory· Published Apr 1, 2026· Updated Apr 6, 2026
CVE-2025-66483
CVE-2025-66483
Description
IBM Aspera Shares 1.9.9 through 1.11.0 does not invalidate session after a password reset which could allow an authenticated user to impersonate another user on the system.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2cpe:2.3:a:ibm:aspera_shares:*:-:*:*:*:*:*:*+ 1 more
- cpe:2.3:a:ibm:aspera_shares:*:-:*:*:*:*:*:*range: >=1.9.9,<=1.11.0
- (no CPE)range: 1.9.9 - 1.11.0
Patches
Vulnerability mechanics
References
1- www.ibm.com/support/pages/node/7267848nvdVendor Advisory
News mentions
0No linked articles in our index yet.