VYPR

Storage Virtualize

by IBM

CVEs (8)

  • CVE-2025-0159CriFeb 28, 2025
    risk 0.59cvss 9.1epss 0.01

    IBM FlashSystem (IBM Storage Virtualize (8.5.0.0 through 8.5.0.13, 8.5.1.0, 8.5.2.0 through 8.5.2.3, 8.5.3.0 through 8.5.3.1, 8.5.4.0, 8.6.0.0 through 8.6.0.5, 8.6.1.0, 8.6.2.0 through 8.6.2.1, 8.6.3.0, 8.7.0.0 through 8.7.0.2, 8.7.1.0, 8.7.2.0 through 8.7.2.1) could allow a…

  • CVE-2025-0160HigFeb 28, 2025
    risk 0.53cvss 8.1epss 0.00

    IBM FlashSystem (IBM Storage Virtualize (8.5.0.0 through 8.5.0.13, 8.5.1.0, 8.5.2.0 through 8.5.2.3, 8.5.3.0 through 8.5.3.1, 8.5.4.0, 8.6.0.0 through 8.6.0.5, 8.6.1.0, 8.6.2.0 through 8.6.2.1, 8.6.3.0, 8.7.0.0 through 8.7.0.2, 8.7.1.0, 8.7.2.0 through 8.7.2.1) could allow a…

  • CVE-2023-43042HigDec 14, 2023
    risk 0.49cvss 7.5epss 0.01

    IBM SAN Volume Controller, IBM Storwize, IBM FlashSystem and IBM Storage Virtualize 8.3 products use default passwords for a privileged user. IBM X-Force ID: 266874.

  • CVE-2025-1351MedJul 7, 2025
    risk 0.44cvss 6.7epss 0.00

    IBM Storage Virtualize 8.5, 8.6, and 8.7 products could allow a user to escalate their privileges to that of another user logging in at the same time due to a race condition in the login function.

  • CVE-2023-47700MedFeb 7, 2024
    risk 0.38cvss 5.9epss 0.01

    IBM SAN Volume Controller, IBM Storwize, IBM FlashSystem and IBM Storage Virtualize 8.6 products could allow a remote attacker to spoof a trusted system that would not be correctly validated by the Storwize server. This could lead to a user connecting to a malicious host,…

  • CVE-2024-39723MedJul 8, 2024
    risk 0.30cvss 4.6epss 0.00

    IBM FlashSystem 5300 USB ports may be usable even if the port has been disabled by the administrator. A user with physical access to the system could use the USB port to cause loss of access to data. IBM X-Force ID: 295935.

  • CVE-2025-36118Nov 17, 2025
    risk 0.00cvss epss 0.00

    IBM Storage Virtualize 8.4, 8.5, 8.7, and 9.1 IKEv1 implementation allows remote attackers to obtain sensitive information from device memory via a Security Association (SA) negotiation request.

  • CVE-2025-36120Aug 18, 2025
    risk 0.00cvss epss 0.00

    IBM Storage Virtualize 8.4, 8.5, 8.6, and 8.7 could allow an authenticated user to escalate their privileges in an SSH session due to incorrect authorization checks to access resources.