CVSS: 4.0EPSS: 0%CPEs: 3EXPL: 0CVE-2024-22315 – IBM Fusion improper communication restriction
https://notcve.org/view.php?id=CVE-2024-22315
28 Jan 2025 — IBM Fusion and IBM Fusion HCI 2.3.0 through 2.8.2 is vulnerable to insecure network connection by allowing an attacker who gains access to a Fusion container to establish an external network connection. • https://www.ibm.com/support/pages/node/7179168 • CWE-923: Improper Restriction of Communication Channel to Intended Endpoints •
CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 1CVE-2023-43040 – IBM Spectrum Fusion HCI improper access control
https://notcve.org/view.php?id=CVE-2023-43040
30 Jan 2024 — IBM Spectrum Fusion HCI 2.5.2 through 2.7.2 could allow an attacker to perform unauthorized actions in RGW for Ceph due to improper bucket access. IBM X-Force ID: 266807. IBM Spectrum Fusion HCI 2.5.2 a 2.7.2 podría permitir que un atacante realice acciones no autorizadas en RGW para Ceph debido a un acceso inadecuado al depósito. ID de IBM X-Force: 266807. A flaw was found in rgw. • https://github.com/riza/CVE-2023-43040 • CWE-1220: Insufficient Granularity of Access Control •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0CVE-2023-50948 – IBM Storage Fusion HCI information disclosure
https://notcve.org/view.php?id=CVE-2023-50948
08 Jan 2024 — IBM Storage Fusion HCI 2.1.0 through 2.6.1 contains hard-coded credentials, such as a password or cryptographic key, which it uses for its own inbound authentication, outbound communication to external components, or encryption of internal data. IBM X-Force ID: 275671. IBM Storage Fusion HCI 2.1.0 a 2.6.1 contiene credenciales codificadas, como una contraseña o clave criptográfica, que utiliza para su propia autenticación entrante, comunicación saliente con componentes externos o cifrado de datos internos. ... • https://exchange.xforce.ibmcloud.com/vulnerabilities/275671 • CWE-259: Use of Hard-coded Password CWE-798: Use of Hard-coded Credentials •