What is CVE-2025-0159?

CVE-2025-0159 is a critical-severity vulnerability in Ibm Storage Virtualize, classified under Authentication Bypass Using an Alternate Path or Channel. CVSS score: 9.1/10. Published 2025-02-28.

How severe is CVE-2025-0159?

Critical severity. CVSS v3 base score is 9.1 out of 10.

Vulnerability in Ibm Storage Virtualize

CVE-2025-0159

IBM FlashSystem (IBM Storage Virtualize (8.5.0.0 through 8.5.0.13, 8.5.1.0, 8.5.2.0 through 8.5.2.3, 8.5.3.0 through 8.5.3.1, 8.5.4.0, 8.6.0.0 through 8.6.0.5, 8.6.1.0, 8.6.2.0 through 8.6.2.1, 8.6.3.0, 8.7.0.0 through 8.7.0.2, 8.7.1.0, 8…

EPSS: 0.000 (9.5th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 9.1 (Critical). Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N.

Affected products

Ibm Storage Virtualize — versions 8.5.0.0, 8.5.1.0, 8.5.2.0

Weakness classification (CWE)

CWE-288 — Authentication Bypass Using an Alternate Path or Channel

References

www.ibm.com/support/pages/node/7184182 (vendor-advisory)

Frequently asked questions

What is CVE-2025-0159?: CVE-2025-0159 is a critical-severity vulnerability in Ibm Storage Virtualize, classified under Authentication Bypass Using an Alternate Path or Channel. CVSS score: 9.1/10. Published 2025-02-28.
How severe is CVE-2025-0159?: Critical severity. CVSS v3 base score is 9.1 out of 10.