exploitDog

CVE-2025-46617

Опубликовано: 25 апр. 2025

Источник: nvd

CVSS3: 7.2

EPSS Низкий

Описание

Quantum StorNext Web GUI API before 7.2.4 grants access to internal StorNext configuration and unauthorized modification of some software configuration parameters via undocumented user credentials. This affects StorNext RYO before 7.2.4, StorNext Xcellis Workflow Director before 7.2.4, and ActiveScale Cold Storage.

Ссылки

https://www.quantum.com/en/service-support/security-bulletins/stornext-gui-multiple-security-vulnerabilities-stornext-gui-multiple-security-vulnerabilities/

EPSS

Процентиль: 17%

0.00055

Низкий

7.2 High

CVSS3

Дефекты

CWE-798

Связанные уязвимости

GHSA-8p8h-vpmc-q8xq

CVSS3: 7.2

github

10 месяцев назад

Quantum StorNext Web GUI API before 7.2.4 grants access to internal StorNext configuration and unauthorized modification of some software configuration parameters via undocumented user credentials. This affects StorNext RYO before 7.2.4, StorNext Xcellis Workflow Director before 7.2.4, and ActiveScale Cold Storage.

EPSS

Процентиль: 17%

0.00055

Низкий

7.2 High

CVSS3

Дефекты

CWE-798