Quantum Stornext vulnerabilities
2 known vulnerabilities affecting quantum/stornext.
Total CVEs
2
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
CRITICAL1HIGH1
Vulnerabilities
Page 1 of 1
CVE-2025-46616P2CRITICALCVSS 9.9fixed in 7.2.42025-04-25
CVE-2025-46616 [CRITICAL] CWE-434 CVE-2025-46616: Quantum StorNext Web GUI API before 7.2.4 allows potential Arbitrary Remote Code Execution (RCE) via
Quantum StorNext Web GUI API before 7.2.4 allows potential Arbitrary Remote Code Execution (RCE) via upload of a file. This affects StorNext RYO before 7.2.4, StorNext Xcellis Workflow Director before 7.2.4, and ActiveScale Cold Storage.
nvd
CVE-2025-46617P3HIGHCVSS 7.2fixed in 7.2.42025-04-25
CVE-2025-46617 [HIGH] CWE-798 CVE-2025-46617: Quantum StorNext Web GUI API before 7.2.4 grants access to internal StorNext configuration and unaut
Quantum StorNext Web GUI API before 7.2.4 grants access to internal StorNext configuration and unauthorized modification of some software configuration parameters via undocumented user credentials. This affects StorNext RYO before 7.2.4, StorNext Xcellis Workflow Director before 7.2.4, and ActiveScale Cold Storage.
nvd