VYPR

Fusion HCI

by IBM

CVEs (4)

  • CVE-2023-43040MedMay 14, 2024
    risk 0.42cvss 6.5epss 0.03

    IBM Spectrum Fusion HCI 2.5.2 through 2.7.2 could allow an attacker to perform unauthorized actions in RGW for Ceph due to improper bucket access. IBM X-Force ID: 266807.

  • CVE-2023-50948MedJan 8, 2024
    risk 0.42cvss 6.5epss 0.01

    IBM Storage Fusion HCI 2.1.0 through 2.6.1 contains hard-coded credentials, such as a password or cryptographic key, which it uses for its own inbound authentication, outbound communication to external components, or encryption of internal data. IBM X-Force ID: 275671.

  • CVE-2024-22315MedJan 28, 2025
    risk 0.26cvss 4.0epss 0.00

    IBM Fusion and IBM Fusion HCI 2.3.0 through 2.8.2 is vulnerable to insecure network connection by allowing an attacker who gains access to a Fusion container to establish an external network connection.

  • CVE-2025-36222Sep 11, 2025
    risk 0.00cvss epss 0.00

    IBM Fusion 2.2.0 through 2.10.1, IBM Fusion HCI 2.2.0 through 2.10.0, and IBM Fusion HCI for watsonx 2.8.2 through 2.10.0 uses insecure default configurations that could expose AMQStreams without client authentication that could allow an attacker to perform unauthorized actions.