CVE-2024-13058

EUVD-2024-51312
An issue exists in SoftIron HyperCloud
 where authenticated, but non-admin users can create data pools, which could potentially impact the performance and availability of the backend software-defined storage subsystem.

This issue only impacts SoftIron HyperCloud and related software products (such as VM Squared) software versions 2.3.0 to before 2.5.0.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
SoftIronCNA
4.8 MEDIUM
NETWORK
LOW
LOW
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:A/VC:N/VI:N/VA:N/SC:N/SI:N/SA:L/S:N/AU:Y/R:U/V:D/RE:M/U:Green
Base Score
CVSS 3.x
EPSS Score
Percentile: 31%
Early Detection
Affected products identified ahead of NVD analysis through intelligence sources.
VendorProductVersionSource
softironhypercloud
2.3.0 ≤
𝑥
< 2.5.0
CNA
Common Weakness Enumeration
References
https://advisories.softiron.cloud/