Filtered by vendor Ibm
Subscriptions
Filtered by product Spectrum Scale
Subscriptions
Total
57 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2020-4981 | 1 Ibm | 1 Spectrum Scale | 2024-09-16 | 6.0 Medium |
| IBM Spectrum Scale 5.0.4.1 through 5.1.0.3 could allow a local privileged user to overwrite files due to improper input validation. IBM X-Force ID: 192541. | ||||
| CVE-2019-4715 | 1 Ibm | 1 Spectrum Scale | 2024-09-16 | 8.8 High |
| IBM Spectrum Scale 4.2 and 5.0 could allow a remote authenticated attacker to execute arbitrary commands on the system. By sending a specially-crafted request, an attacker could exploit this vulnerability to execute arbitrary commands on the system. IBM X-Force ID: 172093. | ||||
| CVE-2021-29667 | 2 Ibm, Linux | 2 Spectrum Scale, Linux Kernel | 2024-09-16 | 7.8 High |
| IBM Spectrum Scale 5.0.0 through 5.0.5.6 and 5.1.0 through 5.1.0.2 is potentially vulnerable to CSV Injection. A remote attacker could execute arbitrary commands on the system, caused by improper validation of csv file contents. IBM X-Force ID: 199403. | ||||
| CVE-2018-1723 | 1 Ibm | 1 Spectrum Scale | 2024-09-16 | N/A |
| IBM Spectrum Scale 4.1.1.0, 4.1.1.20, 4.2.0.0, 4.2.3.10, 5.0.0 and 5.0.1.2 could allow an unprivileged, authenticated user with access to a GPFS node to read arbitrary files available on this node. IBM X-Force ID: 147373. | ||||
| CVE-2020-4242 | 1 Ibm | 2 Spectrum Protect Plus, Spectrum Scale | 2024-09-16 | 8.8 High |
| IBM Spectrum Scale and IBM Spectrum Protect Plus 10.1.0 through 10.1.5 could allow a remote authenticated attacker to execute arbitrary commands on the system. By sending a specially crafted request, an attacker could exploit this vulnerability to execute arbitrary commands on the system. IBM X-Force ID: 175419. | ||||
| CVE-2021-29671 | 1 Ibm | 1 Spectrum Scale | 2024-09-16 | 3.3 Low |
| IBM Spectrum Scale 5.1.0.1 could allow a local attacker to bypass the filesystem audit logging mechanism when file audit logging is enabled. IBM X-Force ID: 199478. | ||||
| CVE-2020-4890 | 1 Ibm | 1 Spectrum Scale | 2024-09-16 | 4.4 Medium |
| IBM Spectrum Scale 5.0.0 through 5.0.5.5 and 5.1.0 through 5.1.0.2 could allow a local user with a valid role to the REST API to cause a denial of service due to weak or absense of rate limiting. IBM X-Force ID: 190973. | ||||
| CVE-2020-4412 | 2 Ibm, Linux | 3 Aix, Spectrum Scale, Linux Kernel | 2024-09-16 | 5.3 Medium |
| The Spectrum Scale 4.2.0.0 through 4.2.3.21 and 5.0.0.0 through 5.0.4.3 file system component is affected by a denial of service security vulnerability. An attacker can force the Spectrum Scale mmfsd/mmsdrserv daemons to unexpectedly exit, impacting the functionality of the Spectrum Scale cluster and the availability of file systems managed by Spectrum Scale. IBM X-Force ID: 179987. | ||||
| CVE-2021-29740 | 1 Ibm | 1 Spectrum Scale | 2024-09-16 | 7.8 High |
| IBM Spectrum Scale 5.0.0 through 5.0.5.6 and 5.1.0 through 5.1.0.3 system core component is affected by a format string security vulnerability. An attacker could execute arbitrary code in the context of process memory, potentially escalating their system privileges and taking control over the entire system with root access. IBM X-Force ID: 201474. | ||||
| CVE-2020-4748 | 1 Ibm | 1 Spectrum Scale | 2024-09-16 | 6.1 Medium |
| IBM Spectrum Scale 5.0.0 through 5.0.5.2 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 188517. | ||||
| CVE-2019-4259 | 1 Ibm | 1 Spectrum Scale | 2024-09-16 | 5.5 Medium |
| A security vulnerability has been identified in IBM Spectrum Scale 4.1.1, 4.2.0, 4.2.1, 4.2.2, 4.2.3, and 5.0.0 with CES stack enabled that could allow sensitive data to be included with service snaps. IBM X-Force ID: 160011. | ||||
| CVE-2020-4241 | 1 Ibm | 2 Spectrum Protect Plus, Spectrum Scale | 2024-09-16 | 8.8 High |
| IBM Spectrum Scale and IBM Spectrum Protect Plus 10.1.0 through 10.1.5 could allow a remote authenticated attacker to execute arbitrary commands on the system. By sending a specially crafted request, an attacker could exploit this vulnerability to execute arbitrary commands on the system. IBM X-Force ID: 175418. | ||||
| CVE-2017-1654 | 1 Ibm | 2 General Parallel File System, Spectrum Scale | 2024-09-16 | N/A |
| IBM Spectrum Scale 4.1.1 and 4.2.0 - 4.2.3 could allow a local unprivileged user access to information located in dump files. User data could be sent to IBM during service engagements. IBM X-Force ID: 133378. | ||||
| CVE-2020-4273 | 1 Ibm | 1 Spectrum Scale | 2024-09-16 | 7.8 High |
| IBM Spectrum Scale 4.2 and 5.0 could allow a local unprivileged attacker with intimate knowledge of the enviornment to execute commands as root using specially crafted input. IBM X-Force ID: 175977. | ||||
| CVE-2020-4851 | 1 Ibm | 1 Spectrum Scale | 2024-09-16 | 5.5 Medium |
| IBM Spectrum Scale 5.0.0 through 5.0.5.5 and 5.1.0 through 5.1.0.2 could allow a local user to poison log files which could impact support and development efforts. IBM X-Force ID: 190450. | ||||
| CVE-2019-4558 | 1 Ibm | 1 Spectrum Scale | 2024-09-16 | 7.8 High |
| A security vulnerability has been identified in all levels of IBM Spectrum Scale V5.0.0.0 through V5.0.3.2 and IBM Spectrum Scale V4.2.0.0 through V4.2.3.17 that could allow a local attacker to obtain root privilege by injecting parameters into setuid files. | ||||
| CVE-2021-29708 | 1 Ibm | 1 Spectrum Scale | 2024-09-16 | 6.7 Medium |
| IBM Spectrum Scale 5.1.0.1 could allow a local with access to the GUI pod container to obtain sensitive cryptographic keys that could allow them to elevate their privileges. IBM X-Force ID: 200883. | ||||
| CVE-2020-4378 | 1 Ibm | 1 Spectrum Scale | 2024-09-16 | 4.9 Medium |
| IBM Spectrum Scale 5.0.0.0 through 5.0.4.4 could allow a privileged authenticated user to perform unauthorized actions using a specially crated HTTP POST command. IBM X-Force ID: 179157. | ||||
| CVE-2020-4349 | 1 Ibm | 1 Spectrum Scale | 2024-09-16 | 7.5 High |
| IBM Spectrum Scale 5.0.0.0 through 5.0.4.4 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 178423. | ||||
| CVE-2020-4925 | 2 Ibm, Linux | 2 Spectrum Scale, Linux Kernel | 2024-09-16 | 5.5 Medium |
| A security vulnerability in the Spectrum Scale 5.0 and 5.1 allows a non-root user to overflow the mmfsd daemon with requests and preventing the daemon to service other requests. IBM X-Force ID: 191599. | ||||