CVE-2025-13916
Received
Received - Intake
Weak Cryptography in IBM Aspera Shares 1.9.9β1.11.0 Risks Data Exposure
Publication date: 2026-04-01
Last updated on: 2026-04-06
Assigner: IBM Corporation
Description
Description
IBM Aspera Shares 1.9.9 through 1.11.0 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| ibm | aspera_shares | From 1.9.9 (inc) to 1.11.1 (exc) |
Helpful Resources
Exploitability
CWE
KEV
| CWE ID | Description |
|---|---|
| CWE-327 | The product uses a broken or risky cryptographic algorithm or protocol. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability exists in IBM Aspera Shares versions 1.9.9 through 1.11.0, where the software uses weaker than expected cryptographic algorithms. This weakness could allow an attacker to decrypt highly sensitive information that is supposed to be protected.
How can this vulnerability impact me? :
The impact of this vulnerability is that an attacker could potentially decrypt highly sensitive information, leading to a confidentiality breach. This could expose private or critical data to unauthorized parties.
Ask Our AI Assistant
Need more information? Ask your question to get an AI reply (Powered by our expertise)
0/70