CVE-2022-43831— IBM Spectrum Scale privilege escalation
Get alerts for future matching vulnerabilitiesLog in to subscribe
I. Basic Information for CVE-2022-43831
Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗ Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
IBM Spectrum Scale privilege escalation
Source: NVD (National Vulnerability Database)
Vulnerability Description
IBM Storage Scale Container Native Storage Access 5.1.2.1 through 5.1.6.1 could allow a local user to obtain escalated privileges on a host without proper security context settings configured. IBM X-Force ID: 238941.
Source: NVD (National Vulnerability Database)
CVSS Information
CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
Source: NVD (National Vulnerability Database)
Vulnerability Type
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Title
IBM Storage Scale 安全漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
IBM Storage Scale是美国国际商业机器(IBM)公司的一个存储解决方案,旨在帮助企业有效地管理和扩展存储资源,满足不断增长的数据存储需求。 IBM Storage Scale Container Native Storage Access存在安全漏洞。目前尚无此漏洞的相关信息,请随时关注CNNVD或厂商公告。
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)
Affected Products
| Vendor | Product | Affected Versions | CPE | Subscribe |
|---|---|---|---|---|
| IBM | Storage Scale Container Native Storage Access | 5.1.2.1 ~ 5.1.6.1 | - |
II. Public POCs for CVE-2022-43831
| # | POC Description | Source Link | Shenlong Link |
|---|
AI-Generated POCPremium
No public POC found.
Login to generate AI POCIII. Intelligence Information for CVE-2022-43831
请登录查看更多情报信息。
- https://www.ibm.com/support/pages/node/7015067vendor-advisory
- https://nvd.nist.gov/vuln/detail/CVE-2022-43831
Same Patch Batch · IBM · 2023-07-31 · 6 CVEs total
| CVE-2023-24971 | 7.5 HIGH | IBM B2B Advanced Communication denial of service |
| CVE-2023-35019 | 7.2 HIGH | IBM Security Verify Governance command execution |
| CVE-2023-35016 | 6.5 MEDIUM | IBM Security Verify Governance path traversal |
| CVE-2023-22595 | 5.4 MEDIUM | IBM B2B Advanced Communication cross-site scripting |
| CVE-2020-4868 | 4.3 MEDIUM | IBM TRIRIGA information disclosure |
IV. Related Vulnerabilities
Same vendor: IBM
- CVE-2026-1577
IBM® Db2® is vulnerable to a denial of service with a specia - CVE-2025-36122
IBM® Db2® is vulnerable to a denial of service with a specia - CVE-2025-14688
IBM® Db2® is vulnerable to a denial of service when fetching - CVE-2026-2311
IBM i is affected by a privilege escalation vulnerability in - CVE-2025-36180
Inadequate Pod Communication Restrictions, affects watsonx.d
V. Comments for CVE-2022-43831
No comments yet