SoftIron HyperCloud 安全漏洞

SoftIron HyperCloud is an intelligent cloud architecture developed by SoftIron Corporation. Versions of SoftIron HyperCloud 2.6.8 and earlier contain security vulnerabilities. These vulnerabilities stem from the ability to directly use refresh tokens for resource access, without ensuring that...

CVE-2023-45085

An issue exists in SoftIron HyperCloud where compute nodes may come online immediately without following the correct initialization process. In this instance, workloads may be scheduled on these nodes and deploy to a failed or erroneous state, which impacts the availability of these workloads tha...

CVE-2023-45084

An issue exists in SoftIron HyperCloud where drive caddy removal and reinsertion without a reboot may erroneously cause the system to recognize the caddy as new media and wipe all data on the drives due to a missing synchronization flaw, which impacts data availability and integrity. This issue...

EUVD-2024-51312

Malicious code in bioql PyPI...

EUVD-2023-49405

Malicious code in bioql PyPI...

EUVD-2023-49406

Malicious code in bioql PyPI...

CVE-2025-10650

SoftIron HyperCloud 2.5.0 through 2.6.3 may incorrectly add user SSH keys to the administrator-level authorized keys under certain conditions, allowing unauthorized privilege escalation to admin via SSH. Affects non-production debug and internal development builds created between versions 2.5.0 a...

CVE-2025-10650 Improper SSH Key Handling in Internal Debug Builds May Grant Cluster-Level Access to Non-Administrative Users

SoftIron HyperCloud 2.5.0 through 2.6.3 may incorrectly add user SSH keys to the administrator-level authorized keys under certain conditions, allowing unauthorized privilege escalation to admin via SSH. Affects non-production debug and internal development builds created between versions 2.5.0 a...

CVE-2025-10650 Improper SSH Key Handling in Internal Debug Builds May Grant Cluster-Level Access to Non-Administrative Users

SoftIron HyperCloud 2.5.0 through 2.6.3 may incorrectly add user SSH keys to the administrator-level authorized keys under certain conditions, allowing unauthorized privilege escalation to admin via SSH. Affects non-production debug and internal development builds created between versions 2.5.0 a...

SoftIron HyperCloud 安全漏洞

SoftIron HyperCloud is an intelligent cloud architecture from SoftIron. A security vulnerability exists in SoftIron HyperCloud versions 2.5.0 through 2.6.3 that stems from incorrectly adding a user SSH key to an administrator-level authorization key, which could lead to unauthorized elevation of...

PT-2025-38474

Name of the Vulnerable Software and Affected Versions SoftIron HyperCloud versions 2.5.0 through 2.6.3 Description SoftIron HyperCloud versions 2.5.0 through 2.6.3 may incorrectly add user SSH keys to the administrator-level authorized keys under certain conditions, potentially allowing...

CVE-2024-13058

An issue exists in SoftIron HyperCloud where authenticated, but non-admin users can create data pools, which could potentially impact the performance and availability of the backend software-defined storage subsystem. This issue only impacts SoftIron HyperCloud and related software products such ...

CVE-2024-13058

An issue exists in SoftIron HyperCloud where authenticated, but non-admin users can create data pools, which could potentially impact the performance and availability of the backend software-defined storage subsystem. This issue only impacts SoftIron HyperCloud and related software products such ...

CVE-2024-13058

An issue exists in SoftIron HyperCloud where authenticated, but non-admin users can create data pools, which could potentially impact the performance and availability of the backend software-defined storage subsystem. This issue only impacts SoftIron HyperCloud and related software products such ...

CVE-2024-13058 Authenticated, non-admin users can create storage pools via the sifi API

An issue exists in SoftIron HyperCloud where authenticated, but non-admin users can create data pools, which could potentially impact the performance and availability of the backend software-defined storage subsystem. This issue only impacts SoftIron HyperCloud and related software products such ...

CVE-2024-13058

CVE-2024-13058 affects SoftIron HyperCloud and related software (e.g., VM Squared) versions 2.3.0 up to but before 2.5.0. The issue allows authenticated, non-admin users to create data pools, potentially impacting the performance and availability of the backend software-defined storage subsystem....

CVE-2024-13058 Authenticated, non-admin users can create storage pools via the sifi API

An issue exists in SoftIron HyperCloud where authenticated, but non-admin users can create data pools, which could potentially impact the performance and availability of the backend software-defined storage subsystem. This issue only impacts SoftIron HyperCloud and related software products such ...

SoftIron HyperCloud 安全漏洞

SoftIron HyperCloud is an intelligent cloud architecture from SoftIron. A security vulnerability exists in SoftIron HyperCloud version 2.3.0 through versions prior to 2.5.0. An attacker exploiting this vulnerability could affect the performance and availability of the back-end software-defined...

PT-2024-17909 · Softiron · Softiron Hypercloud

Name of the Vulnerable Software and Affected Versions: SoftIron HyperCloud versions 2.3.0 through 2.4.x Description: An issue exists where authenticated, but non-admin users can create data pools, potentially impacting the performance and availability of the backend software-defined storage...

CVE-2023-45085

An issue exists in SoftIron HyperCloud where compute nodes may come online immediately without following the correct initialization process. In this instance, workloads may be scheduled on these nodes and deploy to a failed or erroneous state, which impacts the availability of these workloads tha...