CVE-2025-13855

IBM Storage Protect Server is affected by a vulnerability that could allow authenticated users to access administrative metadata through the JSON-RPC endpoint .

Description

IBM Storage Protect Server 8.2.0 IBM Storage Protect Plus Server is vulnerable to SQL injection. A remote attacker could send specially crafted SQL statements, which could allow the attacker to view, add, modify, or delete information in the back-end database.

INFO

Published Date :

2026-04-01T00:23:28.677Z

Last Modified :

2026-04-01T13:20:45.428Z

Source :

ibm

AFFECTED PRODUCTS

The following products are affected by CVE-2025-13855 vulnerability.

Vendors	Products
Ibm	Aix Storage Protect Storage Protect Server
Linux	Linux Kernel
Microsoft	Windows

REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2025-13855.

URL	Resource
https://www.ibm.com/support/pages/node/7267783

CVSS Vulnerability Scoring System

V3.1

Detailed values of each vector for above chart.

Attack Vector

Attack Complexity

Privileges Required

User Interaction

Scope

Confidentiality Impact

Integrity Impact

Availability Impact