CVE-2025-3319 HIGH

CVE-2025-3319: IBM Spectrum Protect Server authentication bypass

Vendor Ibm
Product Spectrum Protect Server
Weakness CWE-306 · Missing auth
Published June 20, 2025
Last update August 24, 2025

CVSS base score

8.1/10
Attack vector Network
Attack complexity High
Privileges required None
User interaction None
Confidentiality High
Integrity High

CVSS vector

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

What the vulnerability does

01Description

IBM Spectrum Protect Server 8.1 through 8.1.26 could allow attacker to bypass authentication due to improper session authentication which can result in access to unauthorized resources.

Key dates

02Disclosure timeline

June 20, 2025 CVE published
August 24, 2025 Record updated