1 results (0.008 seconds)
CVSS: 8.1EPSS: 0%CPEs: 1EXPL: 0
CVSS: 8.1EPSS: 0%CPEs: 1EXPL: 0CVE-2024-13058 – Authenticated, non-admin users can create storage pools via the sifi API
https://notcve.org/view.php?id=CVE-2024-13058
30 Dec 2024 — An issue exists in SoftIron HyperCloud where authenticated, but non-admin users can create data pools, which could potentially impact the performance and availability of the backend software-defined storage subsystem. This issue only impacts SoftIron HyperCloud and related software products (such as VM Squared) software versions 2.3.0 to before 2.5.0. • https://advisories.softiron.cloud • CWE-269: Improper Privilege Management CWE-400: Uncontrolled Resource Consumption •