CVE-2024-31891

Summary

IBM Storage Scale GUI 5.1.9.0 through 5.1.9.6 and 5.2.0.0 through 5.2.1.1

contains a local privilege escalation vulnerability. A malicious actor with command line access to the 'scalemgmt' user can elevate privileges to gain root access to the host operating system.

Affected Software

VendorProductVersion RangeStatus
IBMStorage Scale5.1.9.0 <= 5.1.9.6affected
IBMStorage Scale5.2.0.0 <= 5.2.1.1affected

Weaknesses

  • CWE-250: CWE-250 Execution with Unnecessary Privileges

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: total

References