Approved changes feed: RSS · Atom

cpe:2.3:a:quantum:stornext:*:*:*:*:*:*:*:*

part: a version: * update: *

VendorQuantum (5ec80e0c-0867-52da-a8a5-949622ffdecd)
ProductStornext (7061959e-a4ea-530f-b5ac-b4316c04e262)
Edition*
Language*
Software edition*
Target software*
Target hardware*
Other*
NotesImported from gcve-enriched-dumps CVE data

PURL mappings

PURLSourceLast updated
No PURL mappings for this CPE yet.

Vulnerability references

IdentifiercpeApplicabilitySubmitteddb.gcve.eu detailsRationale
CVE:CVE-2025-46617 vulnerable 2026-06-08 07:27:08.524680 Details available
HIGH (7.2)
Quantum StorNext Web GUI API before 7.2.4 grants access to internal StorNext configuration and unauthorized modification of some software configuration parameters via undocumented user credentials. This affects StorNext RYO before 7.2.4, StorNext Xcellis Workflow Director before 7.2.4, and ActiveScale Cold Storage.
Published: 2025-04-25T00:00:00.000Z
Updated: 2025-04-25T15:20:39.037Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2025-46616 vulnerable 2026-06-08 07:27:08.524378 Details available
CRITICAL (9.9)
Quantum StorNext Web GUI API before 7.2.4 allows potential Arbitrary Remote Code Execution (RCE) via upload of a file. This affects StorNext RYO before 7.2.4, StorNext Xcellis Workflow Director before 7.2.4, and ActiveScale Cold Storage.
Published: 2025-04-25T00:00:00.000Z
Updated: 2025-04-25T15:21:30.937Z
Reference links
Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.