- IBM has issued a product security update advisory.
- the target is Aspera HSTS for CP4I and the scope is versions 1.5.1 through 1.5.19.
- the vulnerability addressed is CVE-2026-7876 authentication bypass vulnerability in Aspera High-Speed Transfer Server for Cloud Pak for Integration (CP4I).
- an authentication bypass is an issue that allows access without going through the normal authentication process.
- IBM has provided a Vulnerability Patch in the latest update, and affected product users should update to Aspera HSTS for CP4I 1.5.20.
- please follow the instructions on the reference site to apply the latest version of the Vulnerability Patch.
