IBM Storage Scale Command Injection Vulnerability Allowing Privileged Command Execution

Vulnerability

A command injection vulnerability has been identified in IBM Storage Scale versions 5.2.2.0 and 5.2.2.1. Because of improper input neutralization, an authenticated user could, under certain configurations, execute privileged commands.

Impact

Exploitation of this vulnerability could lead to unauthorized execution of privileged commands by an authenticated user.

Remediation

Users are advised to upgrade to IBM Storage Scale version 5.2.3.0 or later. Instructions for downloading the update are available on the IBM Support Fix Central website.

Added: Jun 9, 2025, 7:46 PM
Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread: 1.4
impact: 7.5
exploitability: 4.9
remediation: 7.7
relevance: 0.0
threat: 0.0
urgency: 2.9
incentive: 1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.