5.3
CVE-2025-13460
- EPSS 0.04%
- Veröffentlicht 13.03.2026 19:54:04
- Zuletzt bearbeitet 17.03.2026 15:50:01
- Quelle psirt@us.ibm.com
- CVE-Watchlists
- Unerledigt
IBM Aspera Console Information Disclosure
IBM Aspera Console 3.3.0 through 3.4.8 could allow an attacker to enumerate usernames due to an observable response discrepancy.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Ibm ≫ Aspera Console Version >= 3.3.0 < 3.4.9
VulnDex Vulnerability Enrichment
Diese Information steht angemeldeten Benutzern zur Verfügung. 
Login
Login| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.04% | 0.11 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| psirt@us.ibm.com | 5.3 | 3.9 | 1.4 |
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
|
CWE-204 Observable Response Discrepancy
The product provides different responses to incoming requests in a way that reveals internal state information to an unauthorized actor outside of the intended control sphere.