All 11 CVE vulnerabilities found in Aspera Orchestrator, with AI-generated Chinese analysis, references, and POCs.
Vendor: IBM
| CVE ID | Title | CVSS | Severity | Paused |
|---|---|---|---|---|
| CVE-2025-13213 | Multiple vulnerabilities in IBM Aspera Orchestrator CWE-644 | 5.4 | Medium | 2026-03-10 |
| CVE-2025-13219 | Multiple vulnerabilities in IBM Aspera Orchestrator CWE-598 | 5.9 | Medium | 2026-03-10 |
| CVE-2025-13214 | IBM Aspera Orchestrator SQL Injection CWE-89 | 7.6 | High | 2025-12-11 |
| CVE-2025-13148 | IBM Aspera Orchestrator Unverified Password Change CWE-620 | 8.1 | High | 2025-12-11 |
| CVE-2025-13481 | IBM Aspera Orchestrator Command Injection CWE-78 | 8.8 | High | 2025-12-11 |
| CVE-2025-13211 | IBM Aspera Orchestrator Denial of Service CWE-799 | 5.3 | Medium | 2025-12-11 |
| CVE-2023-26288 | IBM Aspera Orchestrator session fixation CWE-613 | 5.5 | Medium | 2024-07-30 |
| CVE-2023-38001 | IBM Aspera Orchestrator cross-site request forgery CWE-352 | 6.5 | Medium | 2024-07-30 |
| CVE-2023-26289 | IBM Aspera Orchestrator HTTP header injection CWE-644 | 5.4 | Medium | 2024-07-30 |
| CVE-2023-27283 | IBM Aspera Orchestrator information disclosure CWE-204 | 5.3 | Medium | 2024-05-04 |
| CVE-2023-37407 | IBM Aspera Orchestrator command execution CWE-78 | 8.8 | High | 2024-05-03 |
All 11 known CVE vulnerabilities affecting Aspera Orchestrator with full Chinese analysis, references, and POCs where available.