Aspera Console
by IBM
CVEs (5)
| CVE | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2025-13212 | 0.00 | — | 0.00 | Mar 13, 2026 | IBM Aspera Console 3.3.0 through 3.4.8 could allow an authenticated user to cause a denial of service in the email service due to improper control of interaction frequency. | ||
| CVE-2025-13459 | 0.00 | — | 0.00 | Mar 13, 2026 | IBM Aspera Console 3.3.0 through 3.4.8 could allow a privileged user to cause a denial of service due to improper enforcement of behavioral workflow. | ||
| CVE-2025-13460 | 0.00 | — | 0.00 | Mar 13, 2026 | IBM Aspera Console 3.3.0 through 3.4.8 could allow an attacker to enumerate usernames due to an observable response discrepancy. | ||
| CVE-2025-13379 | 0.00 | — | 0.00 | Feb 5, 2026 | IBM Aspera Console 3.4.0 through 3.4.8 is vulnerable to SQL injection. A remote attacker could send specially crafted SQL statements, which could allow the attacker to view, add, modify, or delete information in the back-end database. | ||
| CVE-2025-13925 | 0.00 | — | 0.00 | Jan 20, 2026 | IBM Aspera Console 3.4.7 stores potentially sensitive information in log files that could be read by a local privileged user. |
- CVE-2025-13212Mar 13, 2026risk 0.00cvss —epss 0.00
IBM Aspera Console 3.3.0 through 3.4.8 could allow an authenticated user to cause a denial of service in the email service due to improper control of interaction frequency.
- CVE-2025-13459Mar 13, 2026risk 0.00cvss —epss 0.00
IBM Aspera Console 3.3.0 through 3.4.8 could allow a privileged user to cause a denial of service due to improper enforcement of behavioral workflow.
- CVE-2025-13460Mar 13, 2026risk 0.00cvss —epss 0.00
IBM Aspera Console 3.3.0 through 3.4.8 could allow an attacker to enumerate usernames due to an observable response discrepancy.
- CVE-2025-13379Feb 5, 2026risk 0.00cvss —epss 0.00
IBM Aspera Console 3.4.0 through 3.4.8 is vulnerable to SQL injection. A remote attacker could send specially crafted SQL statements, which could allow the attacker to view, add, modify, or delete information in the back-end database.
- CVE-2025-13925Jan 20, 2026risk 0.00cvss —epss 0.00
IBM Aspera Console 3.4.7 stores potentially sensitive information in log files that could be read by a local privileged user.