169 matches found
CVE-2025-1137 IBM Storage Scale command injection
IBM Storage Scale 5.2.2.0 and 5.2.2.1, under certain configurations, could allow an authenticated user to execute privileged commands due to improper input neutralization...
CVE-2025-1137 IBM Storage Scale command injection
IBM Storage Scale 5.2.2.0 and 5.2.2.1, under certain configurations, could allow an authenticated user to execute privileged commands due to improper input neutralization...
CVE-2025-1137
IBM Storage Scale 5.2.2.0 and 5.2.2.1 are affected by a vulnerability that could let an authenticated user execute privileged commands due to improper input neutralization. The connected IBM Security Bulletin confirms the issue and states remediation by upgrading to IBM Storage Scale 5.2.3.0 or l...
Security Bulletin: Multiple vulnerabilities which can affect IBM Storage Scale cloudkit and CES S3 are now addressed. (CVE-2025-22868, CVE-2025-22869)
Summary There are several vulnerabilities in IBM Storage Scale which could provide weaker than expected security that are now addressed CVE-2024-45337, CVE-2024-45338 Vulnerability Details CVEID:CVE-2025-22868 DESCRIPTION: An attacker can pass a malicious malformed token which causes unexpected...
IBM Storage Scale 命令注入漏洞
IBM Storage Scale is a storage solution from International Business Machines IBM designed to help organizations effectively manage and scale storage resources to meet growing data storage needs. A command injection vulnerability exists in IBM Storage Scale versions 5.2.2.0 and 5.2.2.1 that stems...
PT-2025-20606 · Ibm · Ibm Storage Scale
Name of the Vulnerable Software and Affected Versions: IBM Storage Scale versions 5.2.2.0 through 5.2.2.1 Description: The issue allows an authenticated user to execute privileged commands due to improper input neutralization. This is related to a command injection issue, specifically improper...
Security Bulletin: Multiple Linux Kernel vulnerabilities may affect IBM Storage Scale System
Summary There are multiple vulnerabilities in the Linux kernel, used by IBM Storage Scale System, which could allow a denial of service. Fixes for these vulnerabilities are available. Vulnerability Details CVEID:CVE-2024-40998 DESCRIPTION: Linux Kernel is vulnerable to a denial of service, caused...
Security Bulletin: There are multiple vulnerabilities that can affect IBM Storage Scale System that are now included
Summary There are multiple vulnerabilities that can affect IBM Storage Scale System, which could provide weaker than expected security that are now fixed. Vulnerability Details CVEID:CVE-2024-36889 DESCRIPTION: Linux Kernel is vulnerable to a denial of service, caused by the failure to ensure...
Security Bulletin: Multiple vulnerabilities in Samba may affect IBM Storage Scale SMB protocol access method (CVE-2023-4091, CVE-2023-42669, CVE-2023-3961, CVE-2023-42670)
Summary Multiple samba vulnerabilities may affect IBM Storage Scale SMB protocol access method that could allow a remote authenticated attacker to execute arbitrary code or denial of the service on the system. Vulnerability Details CVEID:CVE-2023-4091 DESCRIPTION: Samba could allow a remote...
Security Bulletin: The following vulnerabilities can affect IBM Storage Scale System and IBM Storage Scale are now included
Summary The following vulnerabilities can affect IBM Storage Scale System and IBM Storage Scale and could provide weaker than expected security are now fixed. Vulnerability Details CVEID:CVE-2024-21235 DESCRIPTION: Vulnerability in Java SE component: Hotspot. Difficult to exploit vulnerability...
CVE-2022-43831
IBM Storage Scale Container Native Storage Access 5.1.2.1 through 5.1.6.1 could allow a local user to obtain escalated privileges on a host without proper security context settings configured. IBM X-Force ID: 238941...
CVE-2022-41738
IBM Storage Scale Container Native Storage Access 5.1.2.1 -through 5.1.7.0 could allow an attacker to initiate connections to containers from external networks. IBM X-Force ID: 237812...
CVE-2022-41737
IBM Storage Scale Container Native Storage Access 5.1.2.1 through 5.1.7.0 could allow a local attacker to initiate connections from a container outside the current namespace. IBM X-Force ID: 237811...
CVE-2024-31892
IBM Storage Scale GUI 5.1.9.0 through 5.1.9.6 and 5.2.0.0 through 5.2.1.1 could allow a user to perform unauthorized actions after intercepting and modifying a csv file due to improper neutralization of formula elements...
CVE-2024-31891
IBM Storage Scale GUI 5.1.9.0 through 5.1.9.6 and 5.2.0.0 through 5.2.1.1 contains a local privilege escalation vulnerability. A malicious actor with command line access to the 'scalemgmt' user can elevate privileges to gain root access to the host operating system...
Security Bulletin: There are multiple vulnerabilities that can affect IBM Storage Scale System that are now included
Summary There are multiple vulnerabilities, used by IBM Storage Scale System, which could provide weaker than expected security that are now fixed. Vulnerability Details CVEID:CVE-2024-26643 DESCRIPTION: Linux Kernel is vulnerable to a denial of service, caused by an error related to page fault...
IBM Storage Scale SQL Injection Vulnerability
IBM Storage Scale is a storage solution from International Business Machines IBM designed to help organizations effectively manage and scale storage resources to meet growing data storage needs. IBM Storage Scale suffers from a SQL injection vulnerability that stems from the application's lack of...
Security Bulletin: There are multiple vulnerabilities that can affect IBM Storage Scale System that are now included
Summary There are multiple vulnerabilities that can affect IBM Storage Scale System, which could provide weaker than expected security that are now fixed. Vulnerability Details CVEID:CVE-2023-52451 DESCRIPTION: Linux Kernel is vulnerable to a denial of service, caused by an error related to acces...
Security Bulletin: Multiple vulnerabilities which can affect IBM Storage Scale are now fixed.
Summary There are several vulnerabilities in IBM Storage Scale which could provide weaker than expected security that are now fixed. Vulnerability Details CVEID:CVE-2023-50314 DESCRIPTION: IBM WebSphere Application Server Liberty 17.0.0.3 through 24.0.0.8 could allow an attacker with access to th...
Security Bulletin: IBM Storage Scale System may be affected by vulnerabilities in OpenSSL
Summary Security vulnerabilities have been discovered in OpenSSL that are now fixed. Vulnerability Details CVEID:CVE-2023-3446 DESCRIPTION: OpenSSL is vulnerable to a denial of service, caused by a flaw when using the DHcheck, DHcheckex or EVPPKEYparamcheck functions to check a DH key or DH...