Vulnerabilities > Softiron

DATE CVE VULNERABILITY TITLE RISK
2023-12-05 CVE-2023-45083 Improper Privilege Management vulnerability in Softiron Hypercloud
An Improper Privilege Management vulnerability exists in HyperCloud that will impact the ability for a user to authenticate against the management plane. An authenticated admin-level user may be able to delete the "admin" or "serveradmin" users, which prevents authentication from subsequently succeeding. This issue affects HyperCloud versions 1.0 to any release before 2.1.
local
low complexity
softiron CWE-269
4.4
2023-12-05 CVE-2023-45084 Improper Synchronization vulnerability in Softiron Hypercloud
An issue exists in SoftIron HyperCloud where drive caddy removal and reinsertion without a reboot may erroneously cause the system to recognize the caddy as new media and wipe all data on the drives due to a missing synchronization flaw, which impacts data availability and integrity. This issue only impacts SoftIron HyperCloud "density" storage nodes running HyperCloud software versions 1.0 to before 2.0.3.
low complexity
softiron CWE-662
6.1
2023-12-05 CVE-2023-45085 Improper Initialization vulnerability in Softiron Hypercloud 2.0.0/2.0.1/2.0.2
An issue exists in SoftIron HyperCloud where compute nodes may come online immediately without following the correct initialization process.  In this instance, workloads may be scheduled on these nodes and deploy to a failed or erroneous state, which impacts the availability of these workloads that may be deployed during this time window. This issue impacts HyperCloud versions from 2.0.0 to before 2.0.3.
local
low complexity
softiron CWE-665
3.3