CVE-2025-36120

Summary

IBM Storage Virtualize 8.4, 8.5, 8.6, and 8.7 could allow an authenticated user to escalate their privileges in an SSH session due to incorrect authorization checks to access resources.

Affected Software

VendorProductVersion RangeStatus
IBMStorage Virtualize8.4affected
IBMStorage Virtualize8.5affected
IBMStorage Virtualize8.6affected
IBMStorage Virtualize8.7affected

Weaknesses

  • CWE-863: CWE-863 Incorrect Authorization

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: total

References