PT-2025-39643 · Ibm · Aspera Http Gateway
Jhon1231248E
·
Published
2025-09-26
·
Updated
2025-12-11
·
CVE-2025-36274
CVSS v2.0
7.8
High
| Vector | AV:N/AC:L/Au:N/C:C/I:N/A:N |
Name of the Vulnerable Software and Affected Versions
IBM Aspera HTTP Gateway versions 2.0.0 through 2.3.1
Description
The IBM Aspera HTTP Gateway stores sensitive information in clear text within easily accessible files. An unauthenticated user can read these files.
Recommendations
Update to a version later than 2.3.1.
Fix
Cleartext Transmission of Sensitive Information
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Aspera Http Gateway