CVE-2025-66487

EPSS 0.05%
Veröffentlicht 01.04.2026 23:17:02
Zuletzt bearbeitet 03.04.2026 19:47:56
Quelle psirt@us.ibm.com
CVE-Watchlists
Login
Unerledigt
Login

Multiple vulnerabilities have been addressed in IBM Aspera Shares

IBM Aspera Shares 1.9.9 through 1.11.0 does not properly rate limit the frequency that an authenticated user can send emails, which could result in email flooding or a denial of service.

Betroffene Produkte Warnungen 0 Metriken 3 CWE 1 Referenzen 4

NVD 1 VulnDex Vulnerability Enrichment 1

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Ibm ≫ Aspera Shares Version >= 1.9.9 < 1.11.1

VulnDex Vulnerability Enrichment

Diese Information steht angemeldeten Benutzern zur Verfügung.

Zu dieser CVE wurde keine Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.05%	0.151

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	6.5	2.8	3.6	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
psirt@us.ibm.com	2.7	1.2	1.4	CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:L

CWE-770 Allocation of Resources Without Limits or Throttling

The product allocates a reusable resource or group of resources on behalf of an actor without imposing any restrictions on the size or number of resources that can be allocated, in violation of the intended security policy for that actor.

https://www.ibm.com/support/pages/node/7267848

Vendor Advisory

https://nvd.nist.gov/vuln/detail/CVE-2025-66487

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2025-66487

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2025-66487

EUVD

Team-orientierte Vulnerability Management Plattform

Features der Plattform

CVE-2025-66487