Vulnerability Details CVE-2025-2141
IBM System Storage Virtualization Engine TS7700 3957 VED R5.4 8.54.2.17, R6.0 8.60.0.115, 3948 VED R5.4 8.54.2.17, R6.0 8.60.0.115, and 3948 VEF R6.0 8.60.0.115 is vulnerable to cross-site scripting. This vulnerability allows an authenticated user to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.0
EPSS Ranking 15.2%
CVSS Severity
CVSS v3 Score 6.1
Products affected by CVE-2025-2141
-
cpe:2.3:h:ibm:3948-ved:-
-
cpe:2.3:h:ibm:3948-vef:-
-
cpe:2.3:h:ibm:3957-ved:-
-
cpe:2.3:o:ibm:3948-ved_firmware:8.53.0
-
cpe:2.3:o:ibm:3948-ved_firmware:8.53.0.63
-
cpe:2.3:o:ibm:3948-vef_firmware:*
-
cpe:2.3:o:ibm:3957-ved_firmware:8.52.100.0
-
cpe:2.3:o:ibm:3957-ved_firmware:8.52.102.13
-
cpe:2.3:o:ibm:3957-ved_firmware:8.52.200.0
-
cpe:2.3:o:ibm:3957-ved_firmware:8.52.200.111
-
cpe:2.3:o:ibm:3957-ved_firmware:8.53.0
-
cpe:2.3:o:ibm:3957-ved_firmware:8.53.0.63