Platform: ibm
Component: storage-protect-server
Fixed in: 8.2.1
CVE-2025-13855 describes a SQL injection vulnerability discovered in IBM Storage Protect Server. The flaw allows a remote attacker to inject malicious SQL code, potentially leading to unauthorized access to, modification of, or deletion of sensitive data stored in the server's backend database. The vulnerability affects version 8.2.0. IBM recommends upgrading to a patched version to mitigate this risk.
Successful exploitation of CVE-2025-13855 could grant an attacker significant control over the IBM Storage Protect Server's data. An attacker could potentially extract sensitive information such as user credentials, backup configurations, and stored data. They could also modify or delete data, disrupting backup and recovery operations. The blast radius extends to any systems that rely on the Storage Protect Server for data protection, since tampered backups could in turn be used to compromise those systems. Like other SQL injection vulnerabilities, this one stems from improperly sanitized user input being used to bypass security controls.
The vulnerability was publicly disclosed on 2026-04-01. Exploitation context and probability are currently low, as no public proof-of-concept (PoC) code has been released. It is not currently listed on CISA KEV. Monitor security advisories and threat intelligence feeds for any indications of active exploitation campaigns targeting this vulnerability.
Exploit Status
EPSS: 0.11% (29th percentile)
CISA SSVC
CVSS Vector
The primary mitigation for CVE-2025-13855 is to upgrade IBM Storage Protect Server to a version that contains the security fix. If an immediate upgrade is not feasible, consider temporary workarounds such as restricting network access to the Storage Protect Server to trusted sources only. Web application firewalls (WAFs) configured with rules to detect and block SQL injection attempts can provide an additional layer of defense. Monitor database logs for suspicious SQL queries that might indicate an ongoing attack. After upgrading, verify the fix with a safe, controlled test query that confirms the injection is no longer possible.
Update IBM Storage Protect Server to a version later than 8.2.0 to correct the SQL injection vulnerability. Refer to the IBM security advisory for detailed instructions on how to obtain and install the update.
CVE-2025-13855 is a SQL injection vulnerability affecting IBM Storage Protect Server 8.2.0, allowing attackers to manipulate the database.
If you are running IBM Storage Protect Server version 8.2.0, you are potentially affected and should prioritize upgrading to a patched version.
The recommended fix is to upgrade to a version of IBM Storage Protect Server that includes the security patch. Consider temporary workarounds like network restrictions if immediate upgrade is not possible.
Currently, there are no confirmed reports of active exploitation, but it's crucial to apply the patch proactively.
Refer to the official IBM Security Bulletin for detailed information and mitigation guidance: [https://www.ibm.com/support/kbdoc/firstdoc?docid=instance/sb13855/0]