CVE-2025-36104
EUVD-2025-2121912.07.2025, 12:15
IBM Storage Scale 5.2.3.0 and 5.2.3.1 could allow an authenticated user to obtain sensitive information from files due to the insecure permissions inherited through the SMB protocol.Enginsight
Affected Products (NVD)
| Vendor | Product | Version |
|---|---|---|
| ibm | storage_scale | 5.2.3.0 |
| ibm | storage_scale | 5.2.3.1 |
𝑥
= Vulnerable software versions
Common Weakness Enumeration
- CWE-277 - Insecure Inherited PermissionsA product defines a set of insecure permissions that are inherited by objects that are created by the program.
- CWE-732 - Incorrect Permission Assignment for Critical ResourceThe product specifies permissions for a security-critical resource in a way that allows that resource to be read or modified by unintended actors.