CVE-2025-36056
BaseFortify

Publication date: 2025-07-01

Last updated on: 2025-09-30

Assigner: IBM Corporation

Description
IBM System Storage Virtualization Engine TS7700 3957 VED R5.4 8.54.2.17, R6.0 8.60.0.115, 3948 VED R5.4 8.54.2.17, R6.0 8.60.0.115, and 3948 VEF R6.0 8.60.0.115 is vulnerable to cross-site scripting. This vulnerability allows an authenticated user to embed arbitrary JavaScript code in the Web UI, thus altering the intended functionality and potentially leading to credentials disclosure within a trusted session.
Affected Vendors & Products
Showing 10 associated CPEs
Vendor  Product              Version / Range
ibm     3957-ved_firmware    up to 8.54.2.17 (inclusive)
ibm     3957-ved             *
ibm     3948-ved_firmware    up to 8.54.2.17 (inclusive)
ibm     3948-ved             *
ibm     3948-vef_firmware    up to 8.60.0.115 (inclusive)
ibm     3948-vef             *
ibm     3957-ved_firmware    up to 8.60.0.115 (inclusive)
ibm     3957-ved             *
ibm     3948-ved_firmware    up to 8.60.0.115 (inclusive)
ibm     3948-ved             *
CWE ID Description
CWE-79 The product does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is served to other users.
AI Powered Q&A
Can you explain this vulnerability to me?

This vulnerability is a Cross-Site Scripting (XSS) issue in the IBM System Storage Virtualization Engine TS7700 web management interface. It allows an authenticated user to inject arbitrary JavaScript code into the Web UI, which can alter the intended functionality and potentially lead to the disclosure of credentials within a trusted session. [1]


How can this vulnerability impact me?

The vulnerability can impact you by allowing an authenticated user to execute arbitrary JavaScript in the web interface, potentially altering its functionality and causing disclosure of credentials. This could lead to unauthorized access or misuse of the system within a trusted session. [1]


How can this vulnerability be detected on my network or system? Can you suggest some commands?

Detection involves verifying the microcode and VTD_EXEC package versions on your IBM TS7700 systems to identify if they are running vulnerable versions. Specifically, check if the microcode versions are at or below 8.54.2.17 for R5.4 or 8.60.0.115 for R6.0, and if the VTD_EXEC package versions are below the recommended fixed versions (VTD_EXEC.904 v1.27 for R5.4 or VTD_EXEC.905 v1.11 for R6.0). Commands to query system microcode and package versions depend on your system environment and IBM TS7700 management interface, but typically involve accessing the web UI or using IBM system management commands to display firmware and package versions. Since the vulnerability is a cross-site scripting issue in the web UI, monitoring for unusual JavaScript activity or unexpected behavior in the web interface may also help detect exploitation attempts. [1]


What immediate steps should I take to mitigate this vulnerability?

Immediate mitigation steps include upgrading the IBM TS7700 microcode and VTD_EXEC packages to the minimum required fixed versions: for 3957 VED R5.4 upgrade to microcode 8.54.2.17 or 8.54.1.27 plus VTD_EXEC.904 (v1.27); for 3957 VED R6.0 upgrade to microcode 8.60.0.115 plus VTD_EXEC.905 (v1.11); similarly for 3948 VED and 3948 VEF models as specified. Installation can be done locally or remotely, online or offline, and typically takes about 60 minutes. Additionally, restrict physical and network access to the TS7700 systems to authorized personnel only to reduce exposure, although this does not fully eliminate the risk. [1]
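As an added example, not part of this record and not IBM's tooling: a Python check that compares a node's reported microcode and VTD_EXEC levels against the fixed levels named in the detection and mitigation answers above. It assumes levels are reported as strings such as "8.54.2.17" and "VTD_EXEC.904 v1.27" (the string formats and the sample inventory are constructed), and that a microcode level above a listed fixed level within the same x.y.z stream also carries the fix.

```python
import re
from typing import Optional, Tuple

# Fixed levels as stated in the mitigation answer above, keyed by the first two
# microcode components (release): fixed microcode levels, the VTD_EXEC package
# number for that release and its minimum version.
FIXED_LEVELS = {
    (8, 54): {"microcode": [(8, 54, 1, 27), (8, 54, 2, 17)], "package": "904", "min_pkg": (1, 27)},
    (8, 60): {"microcode": [(8, 60, 0, 115)], "package": "905", "min_pkg": (1, 11)},
}

def parse_version(s: str) -> Tuple[int, ...]:
    """'8.54.2.17' or 'v1.27' -> tuple of ints, so '1.10' sorts above '1.9'."""
    return tuple(int(p) for p in s.strip().lstrip("vV").split("."))

def parse_vtd_exec(s: str) -> Optional[Tuple[str, Tuple[int, ...]]]:
    """'VTD_EXEC.904 v1.27' -> ('904', (1, 27)); None if not in that (assumed) form."""
    m = re.fullmatch(r"VTD_EXEC\.(\d+)\s+v?(\d+(?:\.\d+)*)", s.strip(), re.IGNORECASE)
    return (m.group(1), parse_version(m.group(2))) if m else None

def fmt(v: Tuple[int, ...]) -> str:
    return ".".join(map(str, v))

def assess(microcode: str, vtd_exec: str) -> Tuple[bool, str]:
    """Return (fixed, reason) for one node's reported levels."""
    mc = parse_version(microcode)
    spec = FIXED_LEVELS.get(mc[:2])
    if spec is None:
        return False, f"release {fmt(mc[:2])} is not covered by the advisory text; verify manually"
    # Assumption: a level above a listed fixed level within the same x.y.z stream
    # also carries the fix; a different stream (e.g. 8.54.2.5 vs 8.54.1.27) does not.
    if not any(mc[:3] == f[:3] and mc >= f for f in spec["microcode"]):
        return False, f"microcode {fmt(mc)} is below the fixed level for its stream"
    pkg = parse_vtd_exec(vtd_exec)
    if pkg is None:
        return False, f"cannot parse VTD_EXEC level {vtd_exec!r}"
    if pkg[0] != spec["package"]:
        return False, f"VTD_EXEC.{pkg[0]} installed; this release needs VTD_EXEC.{spec['package']}"
    if pkg[1] < spec["min_pkg"]:
        return False, f"VTD_EXEC.{pkg[0]} v{fmt(pkg[1])} is below fixed v{fmt(spec['min_pkg'])}"
    return True, "microcode and VTD_EXEC are at or above the fixed levels"

if __name__ == "__main__":
    # Constructed sample inventory (node name, microcode, VTD_EXEC), not real data.
    inventory = [("vts-a", "8.54.2.17", "VTD_EXEC.904 v1.27"),
                 ("vts-b", "8.60.0.115", "VTD_EXEC.905 v1.10"),
                 ("vts-c", "8.54.2.5", "VTD_EXEC.904 v1.27")]
    for node, mc, pkg in inventory:
        print(f"{node}: {'FIXED' if assess(mc, pkg)[0] else 'VULNERABLE'} - {assess(mc, pkg)[1]}")
```

The microcode level alone is not enough: the record lists 8.54.2.17 and 8.60.0.115 as affected, so the check only reports a node as fixed when the matching VTD_EXEC package is also at or above its minimum version.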

