8.8
CVE-2025-1137
- EPSS 0.18%
- Veröffentlicht 10.05.2025 01:56:23
- Zuletzt bearbeitet 29.09.2025 16:15:37
- Quelle psirt@us.ibm.com
- CVE-Watchlists
- Unerledigt
IBM Storage Scale command injection
IBM Storage Scale 5.2.2.0 and 5.2.2.1, under certain configurations, could allow an authenticated user to execute privileged commands due to improper input neutralization.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Ibm ≫ Storage Scale Version5.2.2.0
Ibm ≫ Storage Scale Version5.2.2.1
VulnDex Vulnerability Enrichment
Diese Information steht angemeldeten Benutzern zur Verfügung. 
Login
Login| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.18% | 0.39 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 8.8 | 2.8 | 5.9 |
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
|
| psirt@us.ibm.com | 7.5 | 1.6 | 5.9 |
CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
|
CWE-250 Execution with Unnecessary Privileges
The product performs an operation at a privilege level that is higher than the minimum level required, which creates new weaknesses or amplifies the consequences of other weaknesses.