CVE-2023-45084

HIGH

SoftIron HyperCloud <2.0.3 - Info Disclosure

Title source: llm

Description

An issue exists in SoftIron HyperCloud where drive caddy removal and reinsertion without a reboot may erroneously cause the system to recognize the caddy as new media and wipe all data on the drives due to a missing synchronization flaw, which impacts data availability and integrity. This issue only impacts SoftIron HyperCloud "density" storage nodes running HyperCloud software versions 1.0 to before 2.0.3.

References (1)

[Release Notes] https://advisories.softiron.cloud

Scores

CVSS v3 7.0

EPSS 0.0003

EPSS Percentile 8.1%

Attack Vector PHYSICAL

CVSS:3.1/AV:P/AC:L/PR:N/UI:R/S:C/C:N/I:H/A:H

Classification

CWE

CWE-820 CWE-662

Status published

Affected Products (1)

softiron/hypercloud < 2.0.3

Timeline

Published Dec 05, 2023

Tracked Since Feb 18, 2026