CVE-2024-13058

Published Dec 30, 2024

Last updated 2 months ago

CVSS medium 4.8

Overview

Description
An issue exists in SoftIron HyperCloud where authenticated, but non-admin users can create data pools, which could potentially impact the performance and availability of the backend software-defined storage subsystem. This issue only impacts SoftIron HyperCloud and related software products (such as VM Squared) software versions 2.3.0 to before 2.5.0.
Source
0a72a055-908d-47f5-a16a-1f09049c16c6
NVD status
Received

Risk scores

CVSS 4.0

Type
Secondary
Base score
4.8
Impact score
-
Exploitability score
-
Vector string
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:A/VC:N/VI:N/VA:N/SC:N/SI:N/SA:L/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:N/AU:Y/R:U/V:D/RE:M/U:Green
Severity
MEDIUM

Weaknesses

0a72a055-908d-47f5-a16a-1f09049c16c6
CWE-269

Social media

Hype score
Not currently trending

  1. CVE-2024-13058 An issue exists in SoftIron HyperCloud where authenticated, but non-admin users can create data pools, which could potentially impact the performance and availabilit… https://t.co/7WNg5acgwi

    @CVEnew

    30 Dec 2024

    687 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

References