Authentication Bypass Vulnerability in IBM Spectrum Protect Server
CVE-2025-3319

8.1HIGH

Key Information:

Vendor: IBM
Status: Spectrum Protect Server
Vendor: CVE Published:; 20 June 2025

What is CVE-2025-3319?

IBM Spectrum Protect Server versions 8.1 through 8.1.26 contain a flaw that allows an attacker to bypass session authentication, potentially granting unauthorized access to sensitive resources. This vulnerability arises from improper authentication mechanisms within the server, highlighting the importance of maintaining secure authentication practices to safeguard against unauthorized data access.

Affected Version(s)

Spectrum Protect Server 8.1 <= 8.1.26

References

https://www.ibm.com/support/pages/node/7236999

vendor-advisory

CVSS V3.1

Score:

8.1

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

High

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jun 20, 2025
Vulnerability Reserved
Apr 5, 2025