Containerization Vulnerability Could Allow Attacker Access
CVE-2022-41737

6.5MEDIUM

Key Information:

Vendor: IBM
Status: Storage Scale Container Native Storage Access
Vendor: CVE Published:; 17 February 2024

Summary

IBM Storage Scale Container Native Storage Access versions 5.1.2.1 through 5.1.7.0 are susceptible to a vulnerability that allows a local attacker to initiate connections from a container outside its designated namespace. This flaw could enable unauthorized access, potentially compromising the integrity and confidentiality of data within the network.

Affected Version(s)

Storage Scale Container Native Storage Access 5.1.2.1 <= 5.1.7.0

References

https://www.ibm.com/support/pages/node/7095312

vendor-advisory

https://exchange.xforce.ibmcloud.com/vulnerabilities/237811

vdb-entry

CVSS V3.1

Score:

6.5

Severity:

MEDIUM

Confidentiality:

None

Integrity:

High

Availability:

None

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Changed

Timeline

Vulnerability published
Feb 17, 2024
Vulnerability Reserved
Sep 28, 2022