{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2025-13855", "assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522", "state": "PUBLISHED", "assignerShortName": "ibm", "dateReserved": "2025-12-01T20:26:14.425Z", "datePublished": "2026-04-01T00:23:28.677Z", "dateUpdated": "2026-04-01T13:20:45.428Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522", "shortName": "ibm", "dateUpdated": "2026-04-01T00:23:28.677Z"}, "title": "IBM Storage Protect Server is affected by a vulnerability that could allow authenticated users to access administrative metadata through the JSON-RPC endpoint .", "problemTypes": [{"descriptions": [{"lang": "en", "cweId": "CWE-89", "description": "CWE-89 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')", "type": "CWE"}]}], "affected": [{"vendor": "IBM", "product": "Storage Protect Server", "versions": [{"status": "affected", "version": "8.2.0"}], "cpes": ["cpe:2.3:a:ibm:storage_protect_server:8.2.0:*:*:*:*:*:*:*"]}], "descriptions": [{"lang": "en", "value": "IBM Storage Protect Server 8.2.0 IBM Storage Protect Plus Server is vulnerable to SQL injection. A remote attacker could send specially crafted SQL statements, which could allow the attacker to view, add, modify, or delete information in the back-end database.", "supportingMedia": [{"type": "text/html", "base64": false, "value": "<p>IBM Storage Protect Server 8.2.0 IBM Storage Protect Plus Server is vulnerable to SQL injection. A remote attacker could send specially crafted SQL statements, which could allow the attacker to view, add, modify, or delete information in the back-end database.</p>"}]}], "references": [{"url": "https://www.ibm.com/support/pages/node/7267783", "tags": ["vendor-advisory", "patch"]}], "metrics": [{"format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}], "cvssV3_1": {"version": "3.1", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "LOW", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "LOW", "availabilityImpact": "LOW", "baseSeverity": "HIGH", "baseScore": 7.6, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:L"}}], "solutions": [{"lang": "en", "value": "Affected VersionsFixing LevelPlatformRemediation/Fix/Instructions8.1.0.000 - 8.2.0.xxx8.2.1AIX Linux WindowsInstructions for downloading the update:\u00a0 https://www.ibm.com/support/pages/node/7266171", "supportingMedia": [{"type": "text/html", "base64": false, "value": "<p><br></p><table><tbody><tr><td><strong>Affected Versions</strong></td><td><strong>Fixing Level</strong></td><td><strong>Platform</strong></td><td><strong>Remediation/Fix/Instructions</strong></td></tr><tr><td>8.1.0.000 - 8.2.0.xxx</td><td>8.2.1</td><td>AIX Linux Windows</td><td>Instructions for downloading the update:&nbsp;<a href=\"https://www.ibm.com/support/pages/node/7266171\" target=\"_blank\" rel=\"noopener noreferrer nofollow\">https://www.ibm.com/support/pages/node/7266171</a></td></tr></tbody></table>"}]}], "x_generator": {"engine": "ibm-cvegen"}}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2026-04-01T13:20:37.773773Z", "id": "CVE-2025-13855", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-04-01T13:20:45.428Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2025-13855", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2026-04-01T13:20:37.773773Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-04-01T13:20:41.696Z"}}], "cna": {"title": "IBM Storage Protect Server is affected by a vulnerability that could allow authenticated users to access administrative metadata through the JSON-RPC endpoint .", "metrics": [{"format": "CVSS", "cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.6, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:L", "integrityImpact": "LOW", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "LOW", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}, "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "affected": [{"cpes": ["cpe:2.3:a:ibm:storage_protect_server:8.2.0:*:*:*:*:*:*:*"], "vendor": "IBM", "product": "Storage Protect Server", "versions": [{"status": "affected", "version": "8.2.0"}]}], "solutions": [{"lang": "en", "value": "Affected VersionsFixing LevelPlatformRemediation/Fix/Instructions8.1.0.000 - 8.2.0.xxx8.2.1AIX Linux WindowsInstructions for downloading the update:\u00a0 https://www.ibm.com/support/pages/node/7266171", "supportingMedia": [{"type": "text/html", "value": "<p><br></p><table><tbody><tr><td><strong>Affected Versions</strong></td><td><strong>Fixing Level</strong></td><td><strong>Platform</strong></td><td><strong>Remediation/Fix/Instructions</strong></td></tr><tr><td>8.1.0.000 - 8.2.0.xxx</td><td>8.2.1</td><td>AIX Linux Windows</td><td>Instructions for downloading the update:&nbsp;<a href=\"https://www.ibm.com/support/pages/node/7266171\" target=\"_blank\" rel=\"noopener noreferrer nofollow\">https://www.ibm.com/support/pages/node/7266171</a></td></tr></tbody></table>", "base64": false}]}], "references": [{"url": "https://www.ibm.com/support/pages/node/7267783", "tags": ["vendor-advisory", "patch"]}], "x_generator": {"engine": "ibm-cvegen"}, "descriptions": [{"lang": "en", "value": "IBM Storage Protect Server 8.2.0 IBM Storage Protect Plus Server is vulnerable to SQL injection. A remote attacker could send specially crafted SQL statements, which could allow the attacker to view, add, modify, or delete information in the back-end database.", "supportingMedia": [{"type": "text/html", "value": "<p>IBM Storage Protect Server 8.2.0 IBM Storage Protect Plus Server is vulnerable to SQL injection. A remote attacker could send specially crafted SQL statements, which could allow the attacker to view, add, modify, or delete information in the back-end database.</p>", "base64": false}]}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-89", "description": "CWE-89 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')"}]}], "providerMetadata": {"orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522", "shortName": "ibm", "dateUpdated": "2026-04-01T00:23:28.677Z"}}}, "cveMetadata": {"cveId": "CVE-2025-13855", "state": "PUBLISHED", "dateUpdated": "2026-04-01T13:20:45.428Z", "dateReserved": "2025-12-01T20:26:14.425Z", "assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522", "datePublished": "2026-04-01T00:23:28.677Z", "assignerShortName": "ibm"}, "dataVersion": "5.2"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:ibm:storage_protect_server:8.2.0:*:*:*:*:*:*:*", "matchCriteriaId": "52DFE03F-6BEE-4B01-BDC6-0684605635F2", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:o:ibm:aix:-:*:*:*:*:*:*:*", "matchCriteriaId": "E492C463-D76E-49B7-A4D4-3B499E422D89", "vulnerable": false}, {"criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1", "vulnerable": false}, {"criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}], "cveTags": [], "descriptions": [{"lang": "en", "value": "IBM Storage Protect Server 8.2.0 IBM Storage Protect Plus Server is vulnerable to SQL injection. A remote attacker could send specially crafted SQL statements, which could allow the attacker to view, add, modify, or delete information in the back-end database."}, {"lang": "es", "value": "IBM Storage Protect Server 8.2.0 IBM Storage Protect Plus Server es vulnerable a inyecci\u00f3n SQL. Un atacante remoto podr\u00eda enviar sentencias SQL especialmente dise\u00f1adas, lo que podr\u00eda permitir al atacante ver, a\u00f1adir, modificar o eliminar informaci\u00f3n en la base de datos de back-end."}], "id": "CVE-2025-13855", "lastModified": "2026-04-02T20:46:51.677", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 7.6, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:L", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 4.7, "source": "psirt@us.ibm.com", "type": "Secondary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2026-04-01T01:16:39.360", "references": [{"source": "psirt@us.ibm.com", "tags": ["Vendor Advisory"], "url": "https://www.ibm.com/support/pages/node/7267783"}], "sourceIdentifier": "psirt@us.ibm.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-89"}], "source": "psirt@us.ibm.com", "type": "Primary"}]}

{}

{"affected": [{"configurations": [{"platform": null, "status": "affected", "versions": {"scheme": "semver", "value": "8.2.0"}}], "enrichment": {"confidence": 84.0, "confidence_source": "matching", "scores": [{"score": 100.0, "source": "inferred"}, {"score": 84.0, "source": "matching"}]}, "original": {"product": "Storage Protect Server", "source": "cna", "vendor": "IBM"}, "product": "storage_protect", "vendor": "ibm"}], "analysis": {"en": {"generated_at": "2026-04-03T00:21:36.971592+00:00", "value": {"mitigation_remediation": ["Apply the IBM update provided at https://www.ibm.com/support/pages/node/7266171 to upgrade to a fixed version."], "summary": {"action": "Immediate Patch", "impact": "Database compromise leading to data loss or corruption"}, "threat_synthesis": {"affected_systems": "IBM Storage Protect Server versions 8.1.0.000 through 8.2.0.xxx and 8.2.1 on AIX Linux and Windows are impacted. The vulnerable endpoint is a JSON\u2011RPC service exposed by the product, and the vulnerability requires an authenticated session to access it.", "description_and_impact": "The vulnerability is a SQL injection flaw in IBM Storage Protect Server 8.2.0 that allows a malicious actor to execute arbitrary SQL statements against the back\u2011end database. This can enable the attacker to view, add, modify, or delete sensitive data, compromising both confidentiality and integrity of the system\u2019s information. The weakness is classified as CWE\u201189.", "risk_and_exploitability": "The vulnerability has a CVSS score of 7.6, indicating high severity, but its EPSS score is below 1\u202f% and it does not appear in the CISA KEV catalog, suggesting that exploitation is unlikely at present. The attack vector is remote via the JSON\u2011RPC endpoint, and the attacker must first authenticate, indicating that the risk is limited to authorized users who could be compromised or granted privileges. Once authenticated, the attacker can manipulate arbitrary data through the injected SQL statements."}}}}, "created": "2026-04-02T07:51:09.837966+00:00", "updated": "2026-04-03T09:19:16.150659+00:00", "vendors": ["ibm", "ibm$PRODUCT$storage_protect"]}