Security Bulletin: IBM Virtualization Engine TS7700 is susceptible to Denial of Service.

Summary IBM Virtualization Engine TS7700 is susceptible to denial-of-service condition due to the use of Python CVE-2025-6069. TS7700 uses Python to perform operations with the Cloud and internal system configuration tasks. Vulnerability Details CVEID:CVE-2025-6069 DESCRIPTION: The...

Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect IBM Virtualization Engine TS7700

Summary IBM Virtualization Engine TS7700 is susceptible to two Tampering and information Disclosure CVE-2025-21587 , CVE-2025-30698 and one Tampering and Denial of Service CVE-2025-4447 unauthorized data access due to the use of IBM® SDK Java™ Technology Edition, Version 8 Vulnerability Details...

Security Bulletin: IBM Virtualization Engine TS7700 is susceptible to tampering and elevation of privilege (CVE-2025-30065) due to the use of IBM Db2

Summary IBM Virtualization Engine TS7700 is susceptible to a tampering and privilege escalation vulnerability CVE-2025-30065, due to the use of IBM Db2, which is primarily embedded to store metadata related to the data it manages. Additionally, this patch also includes updates for other...

Security Bulletin: IBM Virtualization Engine TS7700 is susceptible to Tampering and Elevation of Privilege due to the use of AIX NIM

Summary The use of AIX NIM exposes IBM Virtualization Engine TS7700 to vulnerabilities identified as CVE-2024-56346 and CVE-2024-56347, making it susceptible to tampering and privilege escalation attacks. These weaknesses in AIX could be exploited by a remote attacker to execute unauthorized...

Security Bulletin: IBM Virtualization Engine TS7700 is susceptible to a Denial of Service (CVE-2025-23184) due to the use of WebSphere Application Server Liberty

Summary IBM Virtualization Engine TS7700 is susceptible to a denial of service associated with the use of WebSphere Application Server Liberty CVE-2025-23184, which is used in its Management Interface. Under certain rare conditions, CachedOutputStream instances may not close properly. If these...

Security Bulletin: IBM Virtualization Engine TS7700 is susceptible to Cross-Site Scripting in the Management Interface

Summary IBM Virtualization Engine TS7700 is susceptible to information disclosure and privilege escalation CVE-2025-2141. An attacker can perform Cross-Site Scripting XSS attacks on the IBM TS7700 Management Interface, allowing them to redirect users to malicious websites phishing, create malicio...

Security Bulletin: IBM Virtualization Engine TS7700 is susceptible to multiple vulnerabilities in Python.

Summary IBM Virtualization Engine TS7700 is susceptible to four denial-of-service conditions due to the use of Python CVE-2024-7592, CVE-2024-8088, CVE-2024-0450, CVE-2024-6232, one elevation of privilege CVE-2024-6345, two tampering CVE-2024-4032, CVE-2024-6923, one information disclosure...

Security Bulletin: IBM Virtualization Engine TS7700 is vulnerable to Spoofing due to IBM WebSphere Application Server Liberty (CVE-2023-50314).

Summary IBM Virtualization Engine TS7700 is susceptible to spoofing due to IBM WebSphere Application Server Liberty vulnerability CVE-2023-50314. TS7700 uses IBM WebSphere Application Server Liberty to provide the management interface. Vulnerability Details CVEID:CVE-2023-50314 DESCRIPTION: IBM...

Security Bulletin: IBM Virtualization Engine TS7700 is susceptible to multiple vulnerabilities in IBM MQ

Summary IBM Virtualization Engine TS7700 is susceptible to three denial-of-service conditions CVE-2024-25016, CVE-2024-31919, CVE-2024-35116, a privilege escalation CVE-2024-31912 and a buffer overflow CVE-2024-25048 due to the use of IBM MQ. TS7700 uses IBM MQ for inter-process communication...

Security Bulletin: IBM Virtualization Engine TS7700 is susceptible to multiple vulnerabilities in WebSphere Application Server Liberty

Summary IBM Virtualization Engine TS7700 is vulnerable to two potential denial of service conditions CVE-2023-44487, CVE-2024-25026 and two instances of weaker than expected security CVE-2023-50312, CVE-2023-46158 due to WebSphere Application Server Liberty. WebSphere Application Server Liberty i...

Security Bulletin: IBM Virtualization Engine TS7700 is susceptible to multiple vulnerabilities due to the use of IBM Db2

Summary IBM Virtualization Engine TS7700 is susceptible to the vulnerabilities listed below due to the embedded use of IBM Db2. IBM Db2 is used in TS7700 to store metadata about the data it manages. CVE-2023-30431, CVE-2023-29257, CVE-2023-26021, CVE-2023-25930, CVE-2023-27559, CVE-2023-40692...

Security Bulletin: IBM Virtualization Engine TS7700 is susceptible to a denial of service due to the use of OpenSSL (CVE-2023-6129)

Summary IBM Virtualization Engine TS7700 is susceptible to a denial of service due to the use of OpenSSL CVE-2023-6129. OpenSSL is used in TS7700 to encrypt data in flight during EKM communications, Secure Data Transfer between clusters, and for TS7700 Advanced Object Store for DS8000...

Security Bulletin: IBM Virtualization Engine TS7700 is susceptible to denial of service due to the use of IBM® SDK Java™ Technology Edition, Version 8 (CVE-2023-22081, CVE-2023-5676)

Summary IBM Virtualization Engine TS7700 is susceptible to denial of service due to the use of IBM SDK Java Technology Edition, Version 8 CVE-2023-22081, CVE-2023-5676. The Java SDK is used by the TS7700 to provide the Management Interface, to perform cache management, and to provide Transparent...

Security Bulletin: Multiple vulnerabilities in IBM® SDK, Java™ Technology Edition affect IBM Virtualization Engine TS7700 - October 2017, January 2018 and April 2018

Summary There are multiple vulnerabilities in IBM® SDK, Java™ Technology Edition, Versions 7 and 8, that are used by IBM Virtualization Engine TS7700. These issues were disclosed as part of the IBM Java SDK updates in October 2017, January 2018 and April 2018. Vulnerability Details CVEID:...

Security Bulletin: Multiple vulnerabilities in Network Time Protocol (NTP) affect IBM Virtualization Engine TS7700 (CVE-2016-7427, CVE-2016-7428, CVE-2016-9310, CVE-2016-9311)

Summary There are multiple vulnerabilities in the Network Time Protocol NTP implementation embedded within the IBM Virtualization Engine TS7700. Vulnerability Details CVEID: CVE-2016-7427 DESCRIPTION: NTP is vulnerable to a denial of service, caused by an error in broadcast mode replay prevention...

Security Bulletin: Potential Information Disclosure vulnerability in WebSphere Application Server as used by IBM Virtualization Engine TS7700 (CVE-2016-5986)

Summary There is a potential information disclosure in WebSphere Application Server as used by the IBM Virtualization Engine TS7700. Vulnerability Details CVEID: CVE-2016-5986 DESCRIPTION: IBM WebSphere Application Server and IBM WebSphere Application Server Liberty could allow a remote attacker ...

Security Bulletin: IBM Virtualization Engine TS7700 allows access to sensitive information (CVE-2023-49877) and is vulnerable to information disclosure (CVE-2023-49878)

Summary The Management Interface for the IBM Virtualization Engine TS7700 allows access to sensitive information CVE-2023-49877 and is vulnerable to information disclosure CVE-2023-49878. IBM Virtualization Engine TS7700 has addressed the applicable CVEs. Vulnerability Details CVEID:CVE-2023-4987...

Security Bulletin: IBM Virtualization Engine TS7700 is susceptible to a denial of service due to use of Apache Commons FileUpload (CVE-2023-24998)

Summary IBM Virtualization Engine TS7700 is susceptible to a denial of service due to use of Apache Commons FileUpload CVE-2023-24998. Apache Commons FileUpload is used by the TS7700 in the Management Interface. IBM Virtualization Engine TS7700 has addressed the applicable CVE. Vulnerability...

Security Bulletin: Due to use of OpenSSL, IBM Virtualization Engine TS7700 is vulnerable to denial of service (CVE-2023-0215, CVE-2023-0286) and information disclosure (CVE-2022-4304)

Summary IBM Virtualization Engine TS7700 is vulnerable to denial of service CVE-2023-0215, CVE-2023-0286 and information disclosure CVE-2022-4304 due to the use of OpenSSL. OpenSSL is used by IBM Virtualization Engine TS7700 for inbound and outbound TLS connections other than those provided by th...

Security Bulletin: IBM Virtualization Engine TS7700 is vulnerable to a denial of service threat due to use of IBM® SDK Java™ Technology Edition, Version 8 (CVE-2022-21626)

Summary IBM Virtualization Engine TS7700 is vulnerable to a denial of service threat CVE-2022-21626 due to the use of IBM® SDK Java™ Technology Edition, Version 8. The Java SDK is used by the TS7700 to provide the Management Interface, to perform cache management, and to provide Transparent Cloud...