Lucene search
K
IbmStorage Scale

6 matches found

CVE
CVE
added 2024/04/30 2:40 p.m.77 views

CVE-2023-38002

CVE-2023-38002 — IBM Storage Scale : Affected versions are 5.1.0.0 through 5.1.9.2. An authenticated user could steal or manipulate an active session to gain access to the system. Root cause is described as session-related vulnerability affecting GUI/authenticated sessions (no details on underlyi...

8.8CVSS6.4AI score0.0037EPSS
CVE
CVE
added 2024/12/14 1:1 p.m.71 views

CVE-2024-31891

IBM Storage Scale GUI 5.1.9.0–5.1.9.6 and 5.2.0.0–5.2.1.1 contain a local privilege escalation vulnerability. A user with command line access to the scalemgmt account can elevate privileges to root on the host OS. Affected versions include 5.1.9.x and 5.2.x prior to fixes. Remediation: upgrade to...

7.8CVSS8AI score0.00158EPSS
CVE
CVE
added 2025/05/10 1:56 a.m.70 views

CVE-2025-1137

IBM Storage Scale 5.2.2.0 and 5.2.2.1 are affected by a vulnerability that could let an authenticated user execute privileged commands due to improper input neutralization. The connected IBM Security Bulletin confirms the issue and states remediation by upgrading to IBM Storage Scale 5.2.3.0 or l...

8.8CVSS9.3AI score0.0034EPSS
CVE
CVE
added 2024/12/14 12:58 p.m.66 views

CVE-2024-31892

The CVE-2024-31892 issue affects IBM Storage Scale GUI versions 5.1.9.0–5.1.9.6 and 5.2.0.0–5.2.1.1. Description: a CSV file manipulation path can allow unauthorized actions due to improper neutralization of formula elements, i.e., SQL injection in the GUI. Impact stated in the sources is high (C...

7.5CVSS7.4AI score0.00325EPSS
CVE
CVE
added 2025/07/12 11:30 a.m.37 views

CVE-2025-36104

CVE-2025-36104 affects IBM Storage Scale versions 5.2.3.0 and 5.2.3.1. Authenticated users can obtain sensitive information from files due to insecure inherited permissions via SMB ACLs. Root cause: insecure inherited permissions on files/directories created or modified through SMB. Impact: infor...

6.5CVSS5.8AI score0.00249EPSS
CVE
CVE
added 2026/03/03 7:48 p.m.14 views

CVE-2025-14604

CVE-2025-14604 affects IBM Storage Scale. It describes that when a directory has a specific ACL composition, a local user could unintentionally trigger additional permissions for resources, allowing execution by unintended actors. Affected products and versions: IBM Storage Scale 5.2.3.0–5.2.3.5 ...

7.8CVSS5.9AI score0.00132EPSS