Lucene search

0a72a055-908d-47f5-a16a-1f09049c16c6CVE-2023-45085

HistoryDec 05, 2023 - 5:15 p.m.

CVE-2023-45085

2023-12-0517:15:08

CWE-665

CWE-1419

0a72a055-908d-47f5-a16a-1f09049c16c6

web.nvd.nist.gov

softiron

hypercloud

compute nodes

initialization process

workloads

availability

cve-2023-45085

nvd

3.3 Low

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

LOW

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L

4.1 Medium

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

9.1%

JSON

An issue exists in SoftIron HyperCloud where compute nodes may come online immediately without following the correct initialization process. In this instance, workloads may be scheduled on these nodes and deploy to a failed or erroneous state, which impacts the availability of these workloads that may be deployed during this time window.

This issue impacts HyperCloud versions from 2.0.0 to before 2.0.3.

Affected configurations

NVD

Node

softironhypercloudRange2.0.0–2.0.3

CPENameOperatorVersion
softiron:hypercloudsoftiron hypercloudlt2.0.3

CPE	Name	Operator	Version
softiron:hypercloud	softiron hypercloud	lt	2.0.3

CNA Affected

[
  {
    "defaultStatus": "unaffected",
    "product": "HyperCloud",
    "vendor": "SoftIron",
    "versions": [
      {
        "lessThan": "2.0.3",
        "status": "affected",
        "version": "2.0.0",
        "versionType": "semver"
      }
    ]
  }
]

References

advisories.softiron.cloud

3.3 Low

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

LOW

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L

4.1 Medium

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

9.1%

JSON

Related for CVE-2023-45085