CVE-2025-13214
HIGH 7.6IBM Aspera Orchestrator 4.0.0 through 4.1.0 is vulnerable to SQL injection. A remote attacker could send specially crafted SQL statements, which could allow the attacker to view, add, modify, or delete information in the back-end database.
Affected Applications in Environment
8
orc
v0.4.31-8.el9
27 devices
orc
v0.4.26-1.el7
1 device
orc
v0.4.28-4.el8_10
3 devices
orc
v0.4.31-8.el9
1 device
orc
v0.4.28-4.el8_10
1 device
orc
v0.4.31-8.el9
2 devices
orc
v0.4.31-8.el9
1 device
orc
v0.4.28-3.el8
2 devices
Affected Devices
38
chela03
Linux
chela04
Linux
chela05
Linux
dpapsb-161390.aggies.usu.edu
Linux
dpapsb-191594.mypc.usu.edu
Linux
el103-02.ece.usu.edu
Linux
el103-03.ece.usu.edu
Linux
el103-04.ece.usu.edu
Linux
el103-05.ece.usu.edu
Linux
el103-07.ece.usu.edu
Linux
el103-08.ece.usu.edu
Linux
el103-09.ece.usu.edu
Linux
el103-10.ece.usu.edu
Linux
el103-14.ece.usu.edu
Linux
el103-15.ece.usu.edu
Linux
el103-16.ece.usu.edu
Linux
el103-17.ece.usu.edu
Linux
el103-18.ece.usu.edu
Linux
el103-19.ece.usu.edu
Linux
el103-20.ece.usu.edu
Linux
el120-01.ece.usu.edu
Linux
el120-02.ece.usu.edu
Linux
el120-03.ece.usu.edu
Linux
el120-04.ece.usu.edu
Linux
el120-05.ece.usu.edu
Linux
el120-06.ece.usu.edu
Linux
el120-08.ece.usu.edu
Linux
el120-09.ece.usu.edu
Linux
el120-10.ece.usu.edu
Linux
el120-11.ece.usu.edu
Linux
el120-12.ece.usu.edu
Linux
el120-14.ece.usu.edu
Linux
eprocdev.banner.usu.edu
Linux
facreadyprod.pplant.usu.edu
Linux
facreadytestrhel.pplant.usu.edu
Linux
facshibsp2.pplant.usu.edu
Linux
guru.cluster
Linux
paymentworksdev.banner.usu.edu
Linux
References
1