Critical IBM Storage Flaw Allows Authentication Bypass

Critical IBM Storage Flaw Allows Authentication Bypass
Summary: IBM has released a security bulletin addressing two critical vulnerabilities in the GUI of its Storage Virtualize products, allowing attackers to bypass authentication and execute arbitrary code. The vulnerabilities, identified as CVE-2025-0159 and CVE-2025-0160, have high CVSS base scores of 9.1 and 8.1 respectively. Users are advised to upgrade their systems to mitigate the risks associated with these vulnerabilities.

Affected: IBM Storage Virtualize and related products

Keypoints :

  • Two vulnerabilities: CVE-2025-0159 (authentication bypass) and CVE-2025-0160 (arbitrary code execution).
  • Critical CVSS scores: 9.1 for CVE-2025-0159 and 8.1 for CVE-2025-0160.
  • Recommendations to upgrade to specific patched versions of affected IBM Storage Virtualize products.

Source: https://securityonline.info/cve-2025-0159-cvss-9-1-critical-ibm-storage-flaw-allows-authentication-bypass/