IBM Spectrum Scale privilege escalation
CVE-2022-43831

7.4HIGH

Key Information:

Vendor: IBM
Status: Storage Scale Container Native Storage Access
Vendor: CVE Published:; 31 July 2023

Summary

A vulnerability in IBM's Storage Scale Container Native Storage Access products (versions 5.1.2.1 to 5.1.6.1) allows local users to exploit improper security context configurations, which could enable them to gain escalated privileges on the host system. This flaw raises significant security concerns, as unauthorized users could gain control over sensitive operations without proper authorization.

Affected Version(s)

Storage Scale Container Native Storage Access 5.1.2.1 <= 5.1.6.1

References

https://www.ibm.com/support/pages/node/7015067

vendor-advisory

https://exchange.xforce.ibmcloud.com/vulnerabilities/238941

vdb-entry

CVSS V3.1

Score:

7.4

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

High

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Jul 31, 2023
Vulnerability Reserved
Oct 26, 2022