IBM Storage Virtualize Privilege Escalation Vulnerability in SSH Authorization

Vulnerability

A privilege escalation vulnerability has been identified in IBM Storage Virtualize versions 8.4, 8.5, 8.6, and 8.7. It allows an authenticated user to escalate privileges in an SSH session and stems from incorrect authorization checks that govern resource access.

Impact

Exploitation of this vulnerability could lead to unauthorized privilege escalation within an SSH session.

Remediation

Users are advised to upgrade to version 8.4.0.18, 8.5.0.16, 8.6.0.9 or 8.7.0.6, depending on their current version. Instructions for downloading the latest code for IBM SAN Volume Controller, IBM Storwize V7000, V5100, V5000E, IBM FlashSystem 5000, 5100, 5200, 5300, 7200, 7300, 9100, 9200, 9500 and IBM Storage Virtualize for Public Cloud are available on the IBM Support Fix Central website.
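To triage an inventory against the fixed levels listed above, the following added example (not IBM's code and not part of the original advisory) compares reported code levels numerically per release stream. The function names, status labels, sample hostnames and the tolerated trailing build text are assumptions; only the fixed levels come from this page.

```python
import re

# Fixed code levels per release stream, copied from the Remediation text above.
FIXED = {(8, 4, 0): 18, (8, 5, 0): 16, (8, 6, 0): 9, (8, 7, 0): 6}
# Branches the advisory names as affected.
AFFECTED_BRANCHES = {(8, 4), (8, 5), (8, 6), (8, 7)}

# Four dotted numbers, optionally followed by other text (assumed build tag).
LEVEL_RE = re.compile(r"^\s*(\d+)\.(\d+)\.(\d+)\.(\d+)(?=\s|$)")

def parse_level(text):
    """Parse a four-part code level into a tuple of ints."""
    match = LEVEL_RE.match(text)
    if match is None:
        raise ValueError(f"unrecognised code level: {text!r}")
    return tuple(int(part) for part in match.groups())

def triage(text):
    """Return (status, target_level) for one reported code level."""
    v, r, m, f = parse_level(text)
    if (v, r) not in AFFECTED_BRANCHES:
        return ("not-listed", None)   # advisory names only 8.4 to 8.7
    if (v, r, m) not in FIXED:
        return ("unknown", None)      # page gives no fixed level for this stream
    fixed = FIXED[(v, r, m)]
    if f >= fixed:                    # numeric compare: 9 < 18, unlike string compare
        return ("fixed", None)
    return ("upgrade", f"{v}.{r}.{m}.{fixed}")

# Constructed sample inventory: hostnames and levels are made up for illustration.
INVENTORY = {
    "svc-a": "8.4.0.9",
    "fs7300-b": "8.6.0.3 (build 0.0.0)",
    "fs5200-c": "8.7.0.6",
    "fs9500-d": "8.7.2.1",
    "v7000-e": "8.3.1.9",
}

def report(inventory):
    """Map each host to its triage result."""
    return {host: triage(level) for host, level in inventory.items()}

if __name__ == "__main__":
    for host, (status, target) in report(INVENTORY).items():
        print(f"{host:10} {status:10} {target or '-'}")
```

Systems reported as "unknown" or "not-listed" fall outside the levels this page gives and need to be checked against IBM's own bulletin.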

Added: Aug 18, 2025, 2:20 PM
Updated: Aug 18, 2025, 2:20 PM

Vulnerability Rating

Custom Algorithm

spread: 1.4
impact: 7.5
exploitability: 4.9
remediation: 7.7
relevance: 0.4
threat: 0.0
urgency: 2.9
incentive: 1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.