Security Bulletin: Multiple vulnerabilities in IBM® Semeru Runtime and IBM SDK, Java™ Technology Edition affect IBM Virtualization Engine TS7700

Summary IBM Virtualization Engine TS7700 is susceptible to Denial of Service CVE-2026-21945, Tampering CVE-2026-21932, Information Disclosure CVE-2026-21933, CVE-2026-21925 and Elevation of Privilege CVE-2026-1188 threats due to the use of IBM Semeru Runtime and IBM SDK, Java Technology Edition...

Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect IBM Virtualization Engine TS7700

Summary IBM Virtualization Engine TS7700 is susceptible to information Disclosure CVE-2025-53066 and one Tampering CVE-2025-53057 unauthorized data access due to the use of IBM® SDK Java™ Technology Edition, Version 8 Vulnerability Details CVEID:CVE-2025-53066 DESCRIPTION: An unspecified...

Security Bulletin: IBM Virtualization Engine TS7700 is susceptible to Denial of Service.

Summary IBM Virtualization Engine TS7700 is susceptible to denial-of-service condition due to the use of Python CVE-2025-6069. TS7700 uses Python to perform operations with the Cloud and internal system configuration tasks. Vulnerability Details CVEID:CVE-2025-6069 DESCRIPTION: The...

GO-2026-4428 EVE's Debug Functions Unlockable Without Triggering Measured Boot in github.com/lf-edge/eve

EVE's Debug Functions Unlockable Without Triggering Measured Boot in github.com/lf-edge/eve...

CVE-2023-49878

IBM System Storage Virtualization Engine TS7700 3957-VEC, 3948-VED and 3957-VEC could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This information could be used in further attacks against the system. IBM X-Force ID:...

Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect IBM Virtualization Engine TS7700

Summary IBM Virtualization Engine TS7700 is susceptible to two Tampering and information Disclosure CVE-2025-21587 , CVE-2025-30698 and one Tampering and Denial of Service CVE-2025-4447 unauthorized data access due to the use of IBM® SDK Java™ Technology Edition, Version 8 Vulnerability Details...

Security Bulletin: IBM Virtualization Engine TS7700 is susceptible to Elevation of Privilege conditions due to the use of IBM Storage Virtualize

Summary IBM Virtualization Engine TS7700 is susceptible to Elevation of Privilege conditions due to the use of IBM Storage Virtualize CVE-2025-36120. TS7700 uses IBM Storage Virtualize to perform operations related to storage virtualization and internal system configuration tasks. Vulnerability...

Security Bulletin: IBM Virtualization Engine TS7700 is susceptible to tampering and elevation of privilege (CVE-2025-30065) due to the use of IBM Db2

Summary IBM Virtualization Engine TS7700 is susceptible to a tampering and privilege escalation vulnerability CVE-2025-30065, due to the use of IBM Db2, which is primarily embedded to store metadata related to the data it manages. Additionally, this patch also includes updates for other...

Security Bulletin: IBM Virtualization Engine TS7700 is susceptible to Tampering and Elevation of Privilege due to the use of AIX NIM

Summary The use of AIX NIM exposes IBM Virtualization Engine TS7700 to vulnerabilities identified as CVE-2024-56346 and CVE-2024-56347, making it susceptible to tampering and privilege escalation attacks. These weaknesses in AIX could be exploited by a remote attacker to execute unauthorized...

CVE-2025-36056

IBM System Storage Virtualization Engine TS7700 3957 VED R5.4 8.54.2.17, R6.0 8.60.0.115, 3948 VED R5.4 8.54.2.17, R6.0 8.60.0.115, and 3948 VEF R6.0 8.60.0.115 is vulnerable to cross-site scripting. This vulnerability allows an authenticated user to embed arbitrary JavaScript code in the Web UI...

CVE-2025-2141

IBM System Storage Virtualization Engine TS7700 3957 VED R5.4 8.54.2.17, R6.0 8.60.0.115, 3948 VED R5.4 8.54.2.17, R6.0 8.60.0.115, and 3948 VEF R6.0 8.60.0.115 is vulnerable to cross-site scripting. This vulnerability allows an authenticated user to embed arbitrary JavaScript code in the Web UI...

CVE-2025-2141 IBM System Storage Virtualization Engine TS7700 cross-site scripting

IBM System Storage Virtualization Engine TS7700 3957 VED R5.4 8.54.2.17, R6.0 8.60.0.115, 3948 VED R5.4 8.54.2.17, R6.0 8.60.0.115, and 3948 VEF R6.0 8.60.0.115 is vulnerable to cross-site scripting. This vulnerability allows an authenticated user to embed arbitrary JavaScript code in the Web UI...

CVE-2025-36056 IBM System Storage Virtualization Engine TS7700 cross-site scripting

IBM System Storage Virtualization Engine TS7700 3957 VED R5.4 8.54.2.17, R6.0 8.60.0.115, 3948 VED R5.4 8.54.2.17, R6.0 8.60.0.115, and 3948 VEF R6.0 8.60.0.115 is vulnerable to cross-site scripting. This vulnerability allows an authenticated user to embed arbitrary JavaScript code in the Web UI...

IBM System Storage Virtualization Engine TS7700 跨站脚本漏洞

IBM System Storage Virtualization Engine TS7700 is a data storage repository from International Business Machines IBM. A cross-site scripting vulnerability exists in IBM System Storage Virtualization Engine TS7700 that stems from vulnerability to cross-site scripting attacks...

Security Bulletin: IBM Virtualization Engine TS7700 is susceptible to a Denial of Service (CVE-2025-23184) due to the use of WebSphere Application Server Liberty

Summary IBM Virtualization Engine TS7700 is susceptible to a denial of service associated with the use of WebSphere Application Server Liberty CVE-2025-23184, which is used in its Management Interface. Under certain rare conditions, CachedOutputStream instances may not close properly. If these...

Security Bulletin: IBM Virtualization Engine TS7700 is susceptible to Cross-Site Scripting in the Management Interface

Summary IBM Virtualization Engine TS7700 is susceptible to information disclosure and privilege escalation CVE-2025-2141. An attacker can perform Cross-Site Scripting XSS attacks on the IBM TS7700 Management Interface, allowing them to redirect users to malicious websites phishing, create malicio...

Security Bulletin: IBM Virtualization Engine TS7700 is susceptible to multiple vulnerabilities in Python.

Summary IBM Virtualization Engine TS7700 is susceptible to four denial-of-service conditions due to the use of Python CVE-2024-7592, CVE-2024-8088, CVE-2024-0450, CVE-2024-6232, one elevation of privilege CVE-2024-6345, two tampering CVE-2024-4032, CVE-2024-6923, one information disclosure...

Security Bulletin: IBM Virtualization Engine TS7700 is vulnerable to Spoofing due to IBM WebSphere Application Server Liberty (CVE-2023-50314).

Summary IBM Virtualization Engine TS7700 is susceptible to spoofing due to IBM WebSphere Application Server Liberty vulnerability CVE-2023-50314. TS7700 uses IBM WebSphere Application Server Liberty to provide the management interface. Vulnerability Details CVEID:CVE-2023-50314 DESCRIPTION: IBM...

Security Bulletin: IBM Virtualization Engine TS7700 is susceptible to multiple vulnerabilities in IBM MQ

Summary IBM Virtualization Engine TS7700 is susceptible to three denial-of-service conditions CVE-2024-25016, CVE-2024-31919, CVE-2024-35116, a privilege escalation CVE-2024-31912 and a buffer overflow CVE-2024-25048 due to the use of IBM MQ. TS7700 uses IBM MQ for inter-process communication...

RHSA-2020:1308 Red Hat Security Advisory: Red Hat Virtualization Engine security, bug fix 4.3.9

Bulletin has no description...