Security Bulletin: IBM Storage Protect Operations Center is vulnerable to improper access control and stack overflow due to IBM SDK, Java (CVE-2025-21587, CVE-2025-30698, CVE-2025-4447).
Summary
IBM SDK, Java is vulnerable to improper access control and stack overflow. IBM Storage Protect Operations Center uses IBM SDK, Java and may be affected by this vulnerability.
CVEID: CVE-2025-21587
DESCRIPTION: An unspecified vulnerability in Java SE related to the Server: DDL component could allow a remote attacker to cause high confidentiality and high integrity impact.
CWE: CWE-284: Improper Access Control
CVSS Source: secalert_us@oracle.com
CVSS Base score: 7.4
CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N)
CVEID: CVE-2025-4447
DESCRIPTION: In Eclipse OpenJ9 versions up to 0.51, when used with OpenJDK version 8 a stack based buffer overflow can be caused by modifying a file on disk that is read when the JVM starts.
CWE: CWE-121: Stack-based Buffer Overflow
CVSS Source: NVD
CVSS Base score: 7.8
CVSS Vector: (CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H)
IBM Storage Protect Affected Versions: 8.1.0.000 - 8.1.27.xxx
Fixing Level: 8.1.27.100
Security Bulletin: IBM Storage Protect Server is vulnerable to unauthenticated attacker with network access via multiple protocols and TLS due to IBM SDK, Java (CVE-2025-50106, CVE-2025-30749, CVE-2025-30761, CVE-2025-30754)
Summary
IBM SDK, Java is vulnerable to unauthenticated attackers with network access via multiple protocols and TLS. IBM Storage Protect Server uses IBM SDK, Java and may be affected by this vulnerability.
CVEID: CVE-2025-50106
DESCRIPTION: Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: 2D). Supported versions that are affected are Oracle Java SE: 8u451, 8u451-perf, 11.0.27, 17.0.15, 21.0.7, 24.0.1; Oracle GraalVM for JDK: 17.0.15, 21.0.7 and 24.0.1; Oracle GraalVM Enterprise Edition: 21.3.14. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in takeover of Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition. Note: This vulnerability can be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. This vulnerability also applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. CVSS 3.1 Base Score 8.1 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H).
CVSS Source: secalert_us@oracle.com
CVSS Base score: 8.1
CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H)
CVEID: CVE-2025-30749
DESCRIPTION: Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: 2D). Supported versions that are affected are Oracle Java SE: 8u451, 8u451-perf, 11.0.27, 17.0.15, 21.0.7, 24.0.1; Oracle GraalVM for JDK: 17.0.15, 21.0.7 and 24.0.1; Oracle GraalVM Enterprise Edition: 21.3.14. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in takeover of Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS 3.1 Base Score 8.1 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H).
CVSS Source: secalert_us@oracle.com
CVSS Base score: 8.1
CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H)
IBM Storage Protect Affected Versions: 8.1.0.000 - 8.1.27.xxx
Fixing Level: 8.1.27.100
Security Bulletin: Denial of Service vulnerability in WebSphere Application Server Liberty affects IBM Storage Protect Operations Center (CVE-2025-36097)
Summary
IBM WebSphere Application Server Liberty is vulnerable to denial-of-service attacks, which may affect IBM Spectrum Protect (formerly Tivoli Storage Manager) Operations Center.
CVEID: CVE-2025-36097
DESCRIPTION: IBM WebSphere Application Server 9.0 and WebSphere Application Server Liberty 17.0.0.3 through 25.0.0.7 are vulnerable to a denial of service, caused by a stack-based overflow. An attacker can send a specially crafted request that causes the server to consume excessive memory resources.
CWE: CWE-121: Stack-based Buffer Overflow
CVSS Source: IBM
CVSS Base score: 7.5
CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)
IBM Storage Protect Affected Versions: 8.1.0.000 - 8.1.27.xxx
Fixing Level: 8.1.27.100
Security Bulletin: DoS vulnerability in Apache Commons FileUpload vulnerability in WebSphere Application Server Liberty affects IBM Storage Protect Operations Center (CVE-2025-48976)
Summary
IBM WebSphere Application Server Liberty is vulnerable to DoS attacks in Apache Commons FileUpload, which may affect IBM Spectrum Protect (formerly Tivoli Storage Manager) Operations Center.
CVEID: CVE-2025-48976
DESCRIPTION: Allocation of resources for multipart headers with insufficient limits enabled a DoS vulnerability in Apache Commons FileUpload. This issue affects Apache Commons FileUpload: from 1.0 before 1.6; from 2.0.0-M1 before 2.0.0-M4. Users are recommended to upgrade to versions 1.6 or 2.0.0-M4, which fix the issue.
CWE: CWE-770: Allocation of Resources Without Limits or Throttling
CVSS Source: CISA ADP
CVSS Base score: 7.5
CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)
IBM Storage Protect Affected Versions: 8.1.0.000 - 8.1.27.xxx
Fixing Level: 8.1.27.100
Security Bulletin: IBM Storage Protect Server is susceptible to a vulnerability due to Golang crypto library.
Summary
The Golang crypto library is used by the IBM Storage Protect Server Object Agent and the OSSM component. Golang crypto is vulnerable to denial-of-service attacks. This bulletin describes the steps to remediate the vulnerability. CVE-2025-22869.
CVEID: CVE-2025-22869
DESCRIPTION: SSH servers which implement file transfer protocols are vulnerable to a denial of service attack from clients which complete the key exchange slowly, or not at all, causing pending content to be read into memory, but never transmitted.
CWE: CWE-770: Allocation of Resources Without Limits or Throttling
CVSS Source: CISA ADP
CVSS Base score: 7.5
CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)
IBM Storage Protect Affected Versions: 8.1.0.000 - 8.1.27.xxx
Fixing Level: 8.1.27.100
Security Bulletin: IBM Storage Protect Server is susceptible to a vulnerability due to Golang coredns library
Summary
The Golang coredns library is used by the IBM Storage Protect Server Object Agent and the OSSM component. Golang coredns is vulnerable to denial-of-service attacks. This bulletin describes the steps to remediate the vulnerability. CVE-2025-47950.
CVEID: CVE-2025-47950
DESCRIPTION: CoreDNS is a DNS server that chains plugins. In versions prior to 1.12.2, a Denial of Service (DoS) vulnerability exists in the CoreDNS DNS-over-QUIC (DoQ) server implementation. The server previously created a new goroutine for every incoming QUIC stream without imposing any limits on the number of concurrent streams or goroutines. A remote, unauthenticated attacker could open a large number of streams, leading to uncontrolled memory consumption and eventually causing an Out Of Memory (OOM) crash, especially in containerized or memory-constrained environments. The patch in version 1.12.2 introduces two key mitigation mechanisms: `max_streams`, which caps the number of concurrent QUIC streams per connection with a default value of `256`; and `worker_pool_size`, which introduces a server-wide, bounded worker pool to process incoming streams with a default value of `1024`. This eliminates the 1:1 stream-to-goroutine model and ensures that CoreDNS remains resilient under high concurrency. Some workarounds are available for those who are unable to upgrade. Disable QUIC support by removing or commenting out the `quic://` block in the Corefile, use container runtime resource limits to detect and isolate excessive memory usage, and/or monitor QUIC connection patterns and alert on anomalies.
CWE: CWE-770: Allocation of Resources Without Limits or Throttling
CVSS Source: security-advisories@github.com
CVSS Base score: 7.5
CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)
IBM Storage Protect Affected Versions: 8.1.0.000 - 8.1.27.xxx
Fixing Level: 8.1.27.100
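The mitigation the CoreDNS description above outlines, a per-connection cap on streams (`max_streams`) plus a server-wide bounded worker pool (`worker_pool_size`), as an added Go illustration of the pattern; this is not CoreDNS, Golang or IBM code. `NewServer`, `Conn.Handle`, `RunBurst` and `UnboundedBurst` are constructed names, the `time.Sleep` stands in for real query handling, and blocking the accept loop while the queue is full is a back-pressure choice of this sketch, not a statement about how CoreDNS itself queues streams.

```go
package main

import (
	"sync"
	"sync/atomic"
	"time"
)

// bumpPeak raises *peak to cur when cur is the highest value seen so far.
func bumpPeak(peak *atomic.Int64, cur int64) {
	for p := peak.Load(); cur > p && !peak.CompareAndSwap(p, cur); p = peak.Load() {
	}
}

// Server drains a job queue with a fixed pool of workers (worker_pool_size in
// the advisory, default 1024), so handler goroutines are fixed at start-up
// instead of growing per stream. Constructed illustration, not CoreDNS code.
type Server struct {
	maxStreams     int         // per-connection cap (max_streams, default 256)
	jobs           chan func() // bounded queue feeding the workers
	wg             sync.WaitGroup
	inFlight, peak atomic.Int64 // handlers executing now / highest ever seen
}

func NewServer(maxStreams, workerPoolSize int) *Server {
	s := &Server{maxStreams: maxStreams, jobs: make(chan func(), workerPoolSize)}
	for i := 0; i < workerPoolSize; i++ {
		s.wg.Add(1)
		go func() {
			defer s.wg.Done()
			for job := range s.jobs { // each worker lives for the server's lifetime
				bumpPeak(&s.peak, s.inFlight.Add(1))
				job()
				s.inFlight.Add(-1)
			}
		}()
	}
	return s
}

// Close stops accepting work and waits for queued jobs to finish.
func (s *Server) Close() { close(s.jobs); s.wg.Wait() }

// Conn models one QUIC connection with its own stream budget (a semaphore
// of capacity maxStreams) and a count of streams it turned away.
type Conn struct {
	srv      *Server
	slots    chan struct{}
	rejected atomic.Int64
}

func (s *Server) NewConn() *Conn { return &Conn{srv: s, slots: make(chan struct{}, s.maxStreams)} }

// Handle admits one incoming stream: refused at once if the connection already
// holds maxStreams slots, otherwise queued for a pooled worker (the accept loop
// blocks while the queue is full) rather than getting a goroutine of its own.
func (c *Conn) Handle(work func()) bool {
	select {
	case c.slots <- struct{}{}:
	default:
		c.rejected.Add(1)
		return false
	}
	c.srv.jobs <- func() {
		defer func() { <-c.slots }() // give the slot back once the work is done
		work()
	}
	return true
}

// RunBurst lets one connection open n streams that each occupy a worker for d
// and returns (admitted, rejected, peak concurrency) after all work is done.
func RunBurst(maxStreams, workerPoolSize, n int, d time.Duration) (admitted, rejected, peak int) {
	srv := NewServer(maxStreams, workerPoolSize)
	conn := srv.NewConn()
	for i := 0; i < n; i++ {
		if conn.Handle(func() { time.Sleep(d) }) {
			admitted++
		}
	}
	srv.Close()
	return admitted, int(conn.rejected.Load()), int(srv.peak.Load())
}

// UnboundedBurst is the pre-1.12.2 shape, one goroutine per stream; the peak
// it returns is simply whatever the client chose to send.
func UnboundedBurst(n int, d time.Duration) int {
	var inFlight, peak atomic.Int64
	var wg sync.WaitGroup
	for i := 0; i < n; i++ {
		wg.Add(1)
		go func() {
			defer wg.Done()
			bumpPeak(&peak, inFlight.Add(1))
			time.Sleep(d)
			inFlight.Add(-1)
		}()
	}
	wg.Wait()
	return int(peak.Load())
}
```

`RunBurst(4, 2, 10, 50*time.Millisecond)` admits 4 streams, refuses 6 and never has more than 2 handlers running at once, while `UnboundedBurst(10, 50*time.Millisecond)` peaks at 10: in the goroutine-per-stream model the server's footprint scales with whatever one client sends, which is the out-of-memory path the description above refers to. The limits 4 and 2 are deliberately tiny stand-ins for the defaults 256 and 1024 so the effect is visible in a single run.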
Security Bulletin: IBM Storage Protect Server is vulnerable to improper access control and stack overflow due to IBM SDK, Java (CVE-2025-21587, CVE-2025-30698, CVE-2025-4447)
Summary
IBM SDK, Java is vulnerable to improper access control and stack overflow. IBM Storage Protect Server uses IBM SDK, Java and may be affected by this vulnerability.
CVEID: CVE-2025-21587
DESCRIPTION: An unspecified vulnerability in Java SE related to the Server: DDL component could allow a remote attacker to cause high confidentiality and high integrity impact.
CWE: CWE-284: Improper Access Control
CVSS Source: secalert_us@oracle.com
CVSS Base score: 7.4
CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N)
CVEID: CVE-2025-4447
DESCRIPTION: In Eclipse OpenJ9 versions up to 0.51, when used with OpenJDK version 8 a stack based buffer overflow can be caused by modifying a file on disk that is read when the JVM starts.
CWE: CWE-121: Stack-based Buffer Overflow
CVSS Source: NVD
CVSS Base score: 7.8
CVSS Vector: (CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H)
IBM Storage Protect Affected Versions: 8.1.0.000 - 8.1.27.xxx
Fixing Level: 8.1.27.100
Security Bulletin: Multiple vulnerabilities in IBM Db2 may affect IBM Storage Protect Server.
Summary
IBM Storage Protect Server, which uses IBM Db2, may be affected by multiple vulnerabilities that can lead to a denial of service or to a loss of confidentiality and integrity. These vulnerabilities include CVE-2024-7254, CVE-2022-3510, CVE-2022-3509, CVE-2022-3171, CVE-2024-49350, CVE-2025-3050, CVE-2025-2518, CVE-2024-52903, CVE-2025-1493, CVE-2025-1000, CVE-2025-1992 and CVE-2025-0915. This bulletin describes the steps required to remediate these vulnerabilities.
Vulnerability Details
CVEID: CVE-2024-7254
DESCRIPTION: Any project that parses untrusted Protocol Buffers data containing an arbitrary number of nested groups / series of SGROUP tags can be corrupted by exceeding the stack limit, i.e. StackOverflow. Parsing nested groups as unknown fields with DiscardUnknownFieldsParser or Java Protobuf Lite parser, or against Protobuf map fields, creates unbounded recursions that can be abused by an attacker.
CWE: CWE-400: Uncontrolled Resource Consumption
CVSS Source: NVD
CVSS Base score: 7.5
CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)
Affected Product(s)/ Version(s)
IBM Storage Protect Server: 8.1
Remediation/Fixes
IBM strongly recommends addressing the vulnerabilities now by upgrading.
Affected Versions: 8.1.0.000 - 8.1.27.xxx
Fixing Level: 8.1.27.100
Platform: AIX, Linux, Windows. Remediation/Fix/Instructions: Instructions for downloading the update: https://www.ibm.com/support/pages/node/7236970
Do you have questions about IBM Storage Protect or the security bulletins? Feel free to send me an e-mail.
Andreas Schwab, Senior Service Engineer
Phone +49 171 954 86 44
Source and further links
All links to the IBM Flash Security Bulletins of 12.11.2025 that affect IBM Storage Protect:
- Security Bulletin: IBM Storage Protect Operations Center is vulnerable to improper access control and stack overflow due to IBM SDK, Java (CVE-2025-21587, CVE-2025-30698, CVE-2025-4447): https://www.ibm.com/support/pages/node/7249928?myns=swgother&mynp=OCSSEQVQ&mync=E&cm_sp=swgother-_-OCSSEQVQ-_-E, CVSS Base score: 5.6 - 7.8
- Security Bulletin: IBM Storage Protect Server is vulnerable to unauthenticated attacker with network access via multiple protocols and TLS due to IBM SDK, Java (CVE-2025-50106, CVE-2025-30749, CVE-2025-30761, CVE-2025-30754): https://www.ibm.com/support/pages/node/7250246?myns=swgother&mynp=OCSSEQVQ&mync=E&cm_sp=swgother-_-OCSSEQVQ-_-E, CVSS Base score: 4.8 - 8.1
- Security Bulletin: Security Configuration vulnerability in WebSphere Application Server Liberty affects IBM Spectrum Protect Operations Center (CVE-2024-56339): https://www.ibm.com/support/pages/node/7249981?myns=swgother&mynp=OCSSEQVQ&mync=E&cm_sp=swgother-_-OCSSEQVQ-_-E, CVSS Base score: 3.7
- Security Bulletin: Denial of Service vulnerability in WebSphere Application Server Liberty affects IBM Spectrum Protect Operations Center (CVE-2025-36097): https://www.ibm.com/support/pages/node/7249992?myns=swgother&mynp=OCSSEQVQ&mync=E&cm_sp=swgother-_-OCSSEQVQ-_-E, CVSS Base score: 7.5
- Security Bulletin: DoS vulnerability in Apache Commons FileUpload vulnerability in WebSphere Application Server Liberty affects IBM Spectrum Protect Operations Center (CVE-2025-48976): https://www.ibm.com/support/pages/node/7249994?myns=swgother&mynp=OCSSEQVQ&mync=E&cm_sp=swgother-_-OCSSEQVQ-_-E, CVSS Base score: 7.5
- Security Bulletin: JMS messaging configuration vulnerability in WebSphere Application Server Liberty affects IBM Spectrum Protect Operations Center (CVE-2025-36124): https://www.ibm.com/support/pages/node/7249993?myns=swgother&mynp=OCSSEQVQ&mync=E&cm_sp=swgother-_-OCSSEQVQ-_-E, CVSS Base score: 5.9
- Security Bulletin: IBM Storage Protect Server is susceptible to a vulnerability due to Golang crypto library: https://www.ibm.com/support/pages/node/7249985?myns=swgother&mynp=OCSSEQVQ&mync=E&cm_sp=swgother-_-OCSSEQVQ-_-E, CVSS Base score: 7.5
- Security Bulletin: IBM Storage Protect Server is susceptible to a vulnerability due to Golang coredns library: https://www.ibm.com/support/pages/node/7249984?myns=swgother&mynp=OCSSEQVQ&mync=E&cm_sp=swgother-_-OCSSEQVQ-_-E, CVSS Base score: 7.5
- Security Bulletin: IBM Storage Protect Server is susceptible to a vulnerability due to Golang net library: https://www.ibm.com/support/pages/node/7249986?myns=swgother&mynp=OCSSEQVQ&mync=E&cm_sp=swgother-_-OCSSEQVQ-_-E, CVSS Base score: 4.4
- Security Bulletin: Multiple vulnerabilities in IBM Db2 may affect IBM Storage Protect Server: https://www.ibm.com/support/pages/node/7249983