{"dataType":"CVE_RECORD","dataVersion":"5.2","cveMetadata":{"cveId":"CVE-2025-14480","assignerOrgId":"9a959283-ebb5-44b6-b705-dcc2bbced522","state":"PUBLISHED","assignerShortName":"ibm","dateReserved":"2025-12-10T19:01:25.676Z","datePublished":"2026-03-03T20:41:15.560Z","dateUpdated":"2026-03-03T21:29:50.964Z"},"containers":{"cna":{"affected":[{"cpes":["cpe:2.3:a:ibm:aspera_faspio_gateway:1.3.6:*:*:*:*:*:*:*"],"product":"Aspera faspio Gateway","vendor":"IBM","versions":[{"lessThanOrEqual":"11.7.1.6","status":"affected","version":"1.3.6","versionType":"semver"}]}],"descriptions":[{"lang":"en","supportingMedia":[{"base64":false,"type":"text/html","value":"<p>IBM Aspera faspio Gateway 1.3.6 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information</p>"}],"value":"IBM Aspera faspio Gateway 1.3.6 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information"}],"metrics":[{"cvssV3_1":{"attackComplexity":"HIGH","attackVector":"LOCAL","availabilityImpact":"NONE","baseScore":5.1,"baseSeverity":"MEDIUM","confidentialityImpact":"HIGH","integrityImpact":"NONE","privilegesRequired":"NONE","scope":"UNCHANGED","userInteraction":"NONE","vectorString":"CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N","version":"3.1"},"format":"CVSS","scenarios":[{"lang":"en","value":"GENERAL"}]}],"problemTypes":[{"descriptions":[{"cweId":"CWE-327","description":"CWE-327 Use of a Broken or Risky Cryptographic Algorithm","lang":"en","type":"CWE"}]}],"providerMetadata":{"orgId":"9a959283-ebb5-44b6-b705-dcc2bbced522","shortName":"ibm","dateUpdated":"2026-03-03T20:41:15.560Z"},"references":[{"tags":["vendor-advisory","patch"],"url":"https://www.ibm.com/support/pages/node/7261491"}],"solutions":[{"lang":"en","supportingMedia":[{"base64":false,"type":"text/html","value":"<p>It is recommended to apply the fix as soon as possible, see links below. Product(s) Fixing VRM Platform Link to Fix IBM Aspera faspio Gateway 1.3.7 Windows click here IBM Aspera faspio Gateway 1.3.7 Linux zSeries click here IBM Aspera faspio Gateway 1.3.7 Linux PPC click here IBM Aspera faspio Gateway 1.3.7 Mac OSX click here IBM Aspera faspio Gateway 1.3.7 Linux click here</p>"}],"value":"It is recommended to apply the fix as soon as possible, see links below. Product(s) Fixing VRM Platform Link to Fix IBM Aspera faspio Gateway 1.3.7 Windows click here IBM Aspera faspio Gateway 1.3.7 Linux zSeries click here IBM Aspera faspio Gateway 1.3.7 Linux PPC click here IBM Aspera faspio Gateway 1.3.7 Mac OSX click here IBM Aspera faspio Gateway 1.3.7 Linux click here"}],"title":"IBM Aspera faspio Gateway 1.3.7 has addressed a vulnerability affected by weak cryptographic algorithms","x_generator":{"engine":"ibm-cvegen"}},"adp":[{"metrics":[{"other":{"type":"ssvc","content":{"timestamp":"2026-03-03T21:29:44.383335Z","id":"CVE-2025-14480","options":[{"Exploitation":"none"},{"Automatable":"no"},{"Technical Impact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}}],"title":"CISA ADP Vulnrichment","providerMetadata":{"orgId":"134c704f-9b21-4f2e-91b3-4a467353bcc0","shortName":"CISA-ADP","dateUpdated":"2026-03-03T21:29:50.964Z"}}]}}