PT-2026-4329 · Hewlett Packard · Nimble Storage+1
Published
2026-01-20
·
Updated
2026-03-01
·
CVE-2026-23594
CVSS v2.0
9.0
High
| Vector | AV:N/AC:L/Au:S/C:C/I:C/A:C |
Name of the Vulnerable Software and Affected Versions
HPE Alletra 6000/5000 and Nimble Storage versions prior to 6.1.2.800
HPE Alletra 6000/5000 and Nimble Storage versions prior to 6.1.3.300
Description
A privilege escalation flaw exists in HPE Alletra 6000/5000 and Nimble Storage arrays. An attacker with low-level authenticated access can escalate privileges to gain full administrative control. Compromised storage arrays could expose sensitive data, enable ransomware staging, or disrupt production operations. The vulnerability has a CVSS score of 8.8.
Recommendations
Upgrade HPE Alletra 6000/5000 and Nimble Storage to version 6.1.2.800 or later.
Upgrade HPE Alletra 6000/5000 and Nimble Storage to version 6.1.3.300 or later.
Review management access controls to prevent attacker footholds.
Fix
Improper Access Control
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Hpe Alletra 6000/5000
Nimble Storage