CVE-2025-13379 IBM — Exploit & Vulnerability Details HIGH

CVE-2025-13379

HIGH CVSS 3.1: 8.6 EPSS 0.12%

Parameter	Value
CVSS	8.6 (HIGH)
Type	CWE-89 (SQL Injection (SQL-инъекция))
Vendor	IBM
Public PoC	No

IBM Aspera Console 3.4.0 through 3.4.8 is vulnerable to SQL injection. A remote attacker could send specially crafted SQL statements, which could allow the attacker to view, add, modify, or delete information in the back-end database.

Attack Parameters

Attack Vector

Network

Атака возможна удалённо

Attack Complexity

Low

Легко эксплуатировать

Privileges Required

None

Права не нужны

User Interaction

None

Не нужно действие пользователя

Impact Assessment

Confidentiality

High

Полная утечка данных

Integrity

Low

Частичная модификация данных

Availability

Low

Частичное нарушение работы

CVSS Vector v3.1

Weakness Type (CWE)

CWE-89 SQL Injection (SQL-инъекция)

References 1

https://www.ibm.com/support/pages/node/7259448

psirt@us.ibm.com

Share Post Share Share Share

Related Vulnerabilities

CVE-2026-1713

IBM

5.5

CVE-2026-1567

IBM

7.1

CVE-2025-14480

IBM

5.1

CVE-2025-14456

IBM

5.9

CVE-2026-2606

IBM

6.5

Menu