Monitor vulnerabilities like this one.
Sign up free to get alerted when software you use is affected.
7.8
IBM Storage Scale: Local User Can Access Resources They Shouldn't
CVE-2025-14604
Summary
IBM Storage Scale versions 5.2.3.0 to 5.2.3.5 and 6.0.0.0 to 6.0.0.1 may allow a local user to accidentally give other users access to sensitive resources. This could lead to unauthorized access to data or systems. You should update to the latest version to prevent this.
What to do
No fix is available yet. Check with your software vendor for updates.
Affected software
| Vendor | Product | Affected versions | Fix available |
|---|---|---|---|
| ibm | storage_scale | > 5.2.3.0 , <= 5.2.3.6 | – |
| ibm | storage_scale | > 6.0.0.0 , <= 6.0.0.2 | – |
Original title
IBM Storage Scale IBM S through rage Scale 5.2.3.0 - 5.2.3.5, and IBM S through rage Scale 6.0.0.0 - 6.0.0.1 could allow a local user to unintentionally trigger additional permissions for resources...
Original description
IBM Storage Scale IBM S through rage Scale 5.2.3.0 - 5.2.3.5, and IBM S through rage Scale 6.0.0.0 - 6.0.0.1 could allow a local user to unintentionally trigger additional permissions for resources in a way that allows that resource to be executed by unintended actors.
nvd CVSS3.1
7.8
Vulnerability type
CWE-732
Incorrect Permission Assignment for Critical Resource
- https://www.ibm.com/support/pages/node/7262312 Vendor Advisory
Published: 3 Mar 2026 · Updated: 13 Mar 2026 · First seen: 6 Mar 2026