Security Bulletin: Multiple vulnerabilities in IBM® Semeru Runtime and IBM SDK, Java™ Technology Edition affect IBM Virtualization Engine TS7700

Summary IBM Virtualization Engine TS7700 is susceptible to Denial of Service CVE-2026-21945, Tampering CVE-2026-21932, Information Disclosure CVE-2026-21933, CVE-2026-21925 and Elevation of Privilege CVE-2026-1188 threats due to the use of IBM Semeru Runtime and IBM SDK, Java Technology Edition...

Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect IBM Virtualization Engine TS7700

Summary IBM Virtualization Engine TS7700 is susceptible to information Disclosure CVE-2025-53066 and one Tampering CVE-2025-53057 unauthorized data access due to the use of IBM® SDK Java™ Technology Edition, Version 8 Vulnerability Details CVEID:CVE-2025-53066 DESCRIPTION: An unspecified...

CVE-2023-49878

IBM System Storage Virtualization Engine TS7700 3957-VEC, 3948-VED and 3957-VEC could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This information could be used in further attacks against the system. IBM X-Force ID:...

Security Bulletin: IBM Virtualization Engine TS7700 is susceptible to multiple vulnerabilities in Python.

Summary IBM Virtualization Engine TS7700 is susceptible to two Tampering conditions and one potential Elevation of Privilege issue due to the use of Python CVE-2025-0938, CVE-2025-47273, CVE-2025-1795. TS7700 uses Python to perform operations with the Cloud and internal system configuration tasks...

Security Bulletin: IBM Virtualization Engine TS7700 is susceptible to Information Disclosure due to the use of IBM Db2

Summary IBM Virtualization Engine TS7700 is susceptible to Information Disclosure CVE-2024-40679 due to the use of IBM Db2, which is primarily embedded to store metadata related to the data managed by the TS7700. Vulnerability Details CVEID:CVE-2024-40679 DESCRIPTION: IBM Db2 for Linux, UNIX and...

EUVD-2021-16382

Malware in sbrugna...

EUVD-2025-19623

Malicious code in bioql PyPI...

EUVD-2023-28945

Malicious code in bioql PyPI...

Security Bulletin: IBM Virtualization Engine TS7700 is susceptible to Tampering and Elevation of Privilege due to the use of AIX NIM

Summary The use of AIX NIM exposes IBM Virtualization Engine TS7700 to vulnerabilities identified as CVE-2024-56346 and CVE-2024-56347, making it susceptible to tampering and privilege escalation attacks. These weaknesses in AIX could be exploited by a remote attacker to execute unauthorized...

CVE-2025-2141

IBM System Storage Virtualization Engine TS7700 3957 VED R5.4 8.54.2.17, R6.0 8.60.0.115, 3948 VED R5.4 8.54.2.17, R6.0 8.60.0.115, and 3948 VEF R6.0 8.60.0.115 is vulnerable to cross-site scripting. This vulnerability allows an authenticated user to embed arbitrary JavaScript code in the Web UI...

CVE-2025-36056 IBM System Storage Virtualization Engine TS7700 cross-site scripting

IBM System Storage Virtualization Engine TS7700 3957 VED R5.4 8.54.2.17, R6.0 8.60.0.115, 3948 VED R5.4 8.54.2.17, R6.0 8.60.0.115, and 3948 VEF R6.0 8.60.0.115 is vulnerable to cross-site scripting. This vulnerability allows an authenticated user to embed arbitrary JavaScript code in the Web UI...

CVE-2025-36056

IBM TS7700 family (3957-VED, 3948-VED, 3948-VEF) is affected by CVE-2025-36056, a cross-site scripting flaw in the Web UI that authenticated users can abuse to embed arbitrary JavaScript, potentially disclosing credentials within a trusted session. Affected microcode versions include 3957-VED R5....

IBM System Storage Virtualization Engine TS7700 跨站脚本漏洞

IBM System Storage Virtualization Engine TS7700 is a data repository from International Business Machines IBM. A cross-site scripting vulnerability exists in IBM System Storage Virtualization Engine TS7700, which stems from susceptibility to cross-site scripting attacks that could lead to...

PT-2025-27495 · Ibm · Ibm System Storage Virtualization Engine Ts7700 +2

Name of the Vulnerable Software and Affected Versions: IBM System Storage Virtualization Engine TS7700 versions 8.54.2.17 through 8.60.0.115 IBM System Storage Virtualization Engine 3948 VED versions 8.54.2.17 through 8.60.0.115 IBM System Storage Virtualization Engine 3948 VEF version 8.60.0.115...

Security Bulletin: IBM Virtualization Engine TS7700 is susceptible to Tampering (CVE-2025-36056)

Summary The IBM TS7700 virtualization solution has a vulnerability CVE-2025-36056 that makes it susceptible to tampering, as an attacker could exploit a Cross-Site Scripting flaw in its management interface. This security gap could enable unauthorized access to sensitive information through socia...

PT-2025-27494 · Ibm · Ibm System Storage Virtualization Engine Ts7700

Name of the Vulnerable Software and Affected Versions: IBM System Storage Virtualization Engine TS7700 versions 3957 VED R5.4 8.54.2.17 through R6.0 8.60.0.115 IBM System Storage Virtualization Engine TS7700 versions 3948 VED R5.4 8.54.2.17 through R6.0 8.60.0.115 IBM System Storage Virtualizatio...

CVE-2023-24958

A vulnerability in the IBM TS7700 Management Interface 8.51.2.12, 8.52.200.111, 8.52.102.13, and 8.53.0.63 could allow an authenticated user to submit a specially crafted URL leading to privilege escalation and remote code execution. IBM X-Force ID: 246320...

Security Bulletin: IBM Virtualization Engine TS7700 is susceptible to a Denial of Service (CVE-2024-6119) due to the use of OpenSSL

Summary IBM Virtualization Engine TS7700 is susceptible to a denial of service due to the use of OpenSSL CVE-2024-6119. OpenSSL is used in TS7700 to encrypt data in flight during EKM communications, Secure Data Transfer between clusters, and for TS7700 Advanced Object Store for DS8000...

Security Bulletin: IBM Virtualization Engine TS7700 is vulnerable to Spoofing due to IBM WebSphere Application Server Liberty (CVE-2023-50314).

Summary IBM Virtualization Engine TS7700 is susceptible to spoofing due to IBM WebSphere Application Server Liberty vulnerability CVE-2023-50314. TS7700 uses IBM WebSphere Application Server Liberty to provide the management interface. Vulnerability Details CVEID:CVE-2023-50314 DESCRIPTION: IBM...

Security Bulletin: IBM Virtualization Engine TS7700 is susceptible to remote code execution due to the use of OpenSSH (CVE-2024-6387)

Summary IBM Virtualization Engine TS7700 is susceptible to remote code execution due to the use of OpenSSH CVE-2024-6387. OpenSSH is used by TS7700 to allow access from the TSSC Console by IBM authorized service personnel. Vulnerability Details CVEID:CVE-2024-6387 DESCRIPTION: OpenSSH could allow...