CVE-2025-36104
- EPSS 0.03%
- Published 12.07.2025 11:30:41
- Last modified 23.07.2025 19:08:24
IBM Storage Scale 5.2.3.0 and 5.2.3.1 could allow an authenticated user to obtain sensitive information from files due to the insecure permissions inherited through the SMB protocol.
CVE-2025-1137
- EPSS 0.03%
- Published 10.05.2025 01:56:23
- Last modified 29.09.2025 16:15:37
IBM Storage Scale 5.2.2.0 and 5.2.2.1, under certain configurations, could allow an authenticated user to execute privileged commands due to improper input neutralization.
CVE-2024-31892
- EPSS 0.27%
- Published 14.12.2024 13:15:18
- Last modified 25.07.2025 20:57:25
IBM Storage Scale GUI 5.1.9.0 through 5.1.9.6 and 5.2.0.0 through 5.2.1.1 could allow a user to perform unauthorized actions after intercepting and modifying a csv file due to improper neutralization of formula elements.
CVE-2024-31891
- EPSS 0.03%
- Published 14.12.2024 13:15:17
- Last modified 25.07.2025 20:57:17
IBM Storage Scale GUI 5.1.9.0 through 5.1.9.6 and 5.2.0.0 through 5.2.1.1 contains a local privilege escalation vulnerability. A malicious actor with command line access to the 'scalemgmt' user can elevate privileges to gain root access to the host...
CVE-2023-38002
- EPSS 0.02%
- Published 30.04.2024 15:15:50
- Last modified 04.08.2025 17:47:19
IBM Storage Scale 5.1.0.0 through 5.1.9.2 could allow an authenticated user to steal or manipulate an active session to gain access to the system. IBM X-Force ID: 260208.