本ページは ibm storage_scale に影響する公開済み CVE(NVD の CPE 経由で関連付け)を列挙します。各行に深刻度指標・概要・公開日が含まれます。
| CVE | 概要 | ソース | CVSS 最大値 | EPSS(%) | 公開 | 更新 |
|---|---|---|---|---|---|---|
| CVE-2025-14604 | IBM Storage Scale IBM S through rage Scale 5.2.3.0 - 5.2.3.5, and IBM S through rage Scale 6.0.0.0 - 6.0.0.1 could allow a local user to unintentionally trigger additional permissions for resources in a way that allows that resource to be executed by unintended actors. | [email protected] | 6.6 | 0.13% | 2026-03-03 | 2026-06-17 |
| CVE-2025-36104 | IBM Storage Scale 5.2.3.0 and 5.2.3.1 could allow an authenticated user to obtain sensitive information from files due to the insecure permissions inherited through the SMB protocol. | [email protected] | 6.5 | 0.25% | 2025-07-12 | 2026-06-17 |
| CVE-2025-1137 | IBM Storage Scale 5.2.2.0 and 5.2.2.1, under certain configurations, could allow an authenticated user to execute privileged commands due to improper input neutralization. | [email protected] | 7.5 | 0.33% | 2025-05-09 | 2026-06-17 |
| CVE-2024-31892 | IBM Storage Scale GUI 5.1.9.0 through 5.1.9.6 and 5.2.0.0 through 5.2.1.1 could allow a user to perform unauthorized actions after intercepting and modifying a csv file due to improper neutralization of formula elements. | [email protected] | 7.5 | 0.30% | 2024-12-14 | 2026-06-17 |
| CVE-2024-31891 | IBM Storage Scale GUI 5.1.9.0 through 5.1.9.6 and 5.2.0.0 through 5.2.1.1 contains a local privilege escalation vulnerability. A malicious actor with command line access to the 'scalemgmt' user can elevate privileges to gain root access to the host operating system. | [email protected] | 7.8 | 0.15% | 2024-12-14 | 2026-06-17 |
| CVE-2023-38002 | IBM Storage Scale 5.1.0.0 through 5.1.9.2 could allow an authenticated user to steal or manipulate an active session to gain access to the system. IBM X-Force ID: 260208. | [email protected] | 5.0 | 0.37% | 2024-04-30 | 2026-06-17 |