Metrics
Affected Vendors & Products
Solution
Storage Scale 5.2.2.0-5.2.2.1, IBM strongly recommends addressing the vulnerability by upgrading to 5.2.3.0 or later: https://www.ibm.com/support/fixcentral/swg/selectFixes?parent=Software%20defined%20storage&produ... https://www.ibm.com/support/fixcentral/swg/selectFixes
Workaround
No workaround given by the vendor.
Link | Providers |
---|---|
https://www.ibm.com/support/pages/node/7233085 |
![]() ![]() |
Mon, 29 Sep 2025 16:30:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Weaknesses | CWE-77 |
Mon, 29 Sep 2025 15:45:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Weaknesses | CWE-250 |
Tue, 12 Aug 2025 02:00:00 +0000
Type | Values Removed | Values Added |
---|---|---|
First Time appeared |
Ibm storage Scale
|
|
CPEs | cpe:2.3:a:ibm:storage_scale:5.2.2.0:*:*:*:*:*:*:* cpe:2.3:a:ibm:storage_scale:5.2.2.1:*:*:*:*:*:*:* |
|
Vendors & Products |
Ibm storage Scale
|
Mon, 12 May 2025 14:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Metrics |
ssvc
|
Sat, 10 May 2025 02:30:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Description | IBM Storage Scale 5.2.2.0 and 5.2.2.1, under certain configurations, could allow an authenticated user to execute privileged commands due to improper input neutralization. | |
Title | IBM Storage Scale command injection | |
First Time appeared |
Ibm
Ibm spectrum Scale Container Native Storage Access |
|
Weaknesses | CWE-77 | |
CPEs | cpe:2.3:a:ibm:spectrum_scale_container_native_storage_access:5.2.0.0:*:*:*:*:*:*:* cpe:2.3:a:ibm:spectrum_scale_container_native_storage_access:5.2.1.1:*:*:*:*:*:*:* |
|
Vendors & Products |
Ibm
Ibm spectrum Scale Container Native Storage Access |
|
References |
| |
Metrics |
cvssV3_1
|

Status: PUBLISHED
Assigner: ibm
Published:
Updated: 2025-09-29T15:33:16.069Z
Reserved: 2025-02-08T20:16:19.164Z
Link: CVE-2025-1137

Updated: 2025-05-12T13:20:42.437Z

Status : Modified
Published: 2025-05-10T03:15:22.720
Modified: 2025-09-29T16:15:37.637
Link: CVE-2025-1137

No data.

No data.