IBM Storage Virtualize 8.4, 8.5, 8.6, and 8.7 could allow an authenticated user to escalate their privileges in an SSH session due to incorrect authorization checks to access resources.
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:HIBM Storage Virtualize
APPIbm8.4.1.08.4.2.08.4.2.18.4.3.18.5.1.08.5.3.08.5.3.18.5.4.08.6.1.08.6.2.08.6.2.18.6.3.08.7.1.08.7.2.08.7.2.1+ 6 więcej
🔵
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
CWE
References
Related vulnerabilities
CVE-2025-0159CRITICAL9.1PL ✓ten sam produkt
IBM FlashSystem: pominięcie uwierzytelnienia w RPCAdapter endpoint
CVE-2025-36118HIGH7.5ten sam produkt
IBM Storage Virtualize 8.4, 8.5, 8.7, and 9.1 IKEv1 implementation allows remote attackers to obtain sensitive...
CVE-2025-0160HIGH8.1ten sam produkt
IBM FlashSystem (IBM Storage Virtualize (8.5.0.0 through 8.5.0.13, 8.5.1.0, 8.5.2.0 through 8.5.2.3, 8.5.3.0 t...
CVE-2023-43042HIGH7.5ten sam produkt
IBM SAN Volume Controller, IBM Storwize, IBM FlashSystem and IBM Storage Virtualize 8.3 products use default p...
CVE-2025-1351MEDIUM6.7ten sam produkt
IBM Storage Virtualize 8.5, 8.6, and 8.7 products could allow a user to escalate their privileges to that of a...