Filtered by vendor Ibm Subscriptions
Filtered by product Spectrum Scale Subscriptions
Total 57 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2020-4358 1 Ibm 1 Spectrum Scale 2024-09-17 5.4 Medium
IBM Spectrum Scale 5.0.0.0 through 5.0.4.4 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 178762.
CVE-2020-4755 1 Ibm 1 Spectrum Scale 2024-09-17 5.4 Medium
IBM Spectrum Scale 5.0.0 through 5.0.5.2 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 188595.
CVE-2018-1782 1 Ibm 1 Spectrum Scale 2024-09-17 N/A
IBM GPFS (IBM Spectrum Scale 5.0.1.0 and 5.0.1.1) allows a local, unprivileged user to cause a kernel panic on a node running GPFS by accessing a file that is stored on a GPFS file system with mmap, or by executing a crafted file stored on a GPFS file system. IBM X-Force ID: 148805.
CVE-2020-4889 2 Ibm, Linux 2 Spectrum Scale, Linux Kernel 2024-09-17 3.3 Low
IBM Spectrum Scale 5.0.0 through 5.0.5.4 and 5.1.0 could allow a local user to poison log files which could impact support and development efforts. IBM X-Force ID: 190971.
CVE-2020-4411 2 Ibm, Linux 3 Aix, Spectrum Scale, Linux Kernel 2024-09-17 7.1 High
The Spectrum Scale 4.2.0.0 through 4.2.3.21 and 5.0.0.0 through 5.0.4.3 file system component is affected by a denial of service vulnerability in its kernel module that could allow an attacker to cause a denial of service condition on the affected system. To exploit this vulnerability, a local attacker could invoke a subset of ioctls on the Spectrum Scale device with non-valid arguments. This could allow the attacker to crash the kernel. IBM X-Force ID: 179986.
CVE-2020-4357 1 Ibm 1 Spectrum Scale 2024-09-17 4.3 Medium
IBM Spectrum Scale 5.0.0.0 through 5.0.4.4 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This information could be used in further attacks against the system. IBM X-Force ID: 178761.
CVE-2020-4749 1 Ibm 1 Spectrum Scale 2024-09-17 4.3 Medium
IBM Spectrum Scale 5.0.0 through 5.0.5.2 does not set the secure attribute on authorization tokens or session cookies. Attackers may be able to get the cookie values by sending a http:// link to a user or by planting this link in a site the user goes to. The cookie will be sent to the insecure link and the attacker can then obtain the cookie value by snooping the traffic. IBM X-Force ID: 188518.
CVE-2020-4491 1 Ibm 1 Spectrum Scale 2024-09-17 5.5 Medium
IBM Spectrum Scale V4.2.0.0 through V4.2.3.22 and V5.0.0.0 through V5.0.5 could allow a local attacker to cause a denial of service by sending a large number of RPC requests to the mmfsd daemon which would cause the service to crash. IBM X-Force ID: 181991.
CVE-2018-1431 1 Ibm 2 General Parallel File System, Spectrum Scale 2024-09-17 N/A
A vulnerability in GSKit affects IBM Spectrum Scale 4.1.1, 4.2.0, 4.2.1, 4.2.3, and 5.0.0 that could allow a local attacker to obtain control of the Spectrum Scale daemon and to access and modify files in the Spectrum Scale file system, and possibly to obtain administrator privileges on the node. IBM X-Force ID: 139240.
CVE-2020-4891 1 Ibm 1 Spectrum Scale 2024-09-17 5.5 Medium
IBM Spectrum Scale 5.0.0 through 5.0.5.5 and 5.1.0 through 5.1.0.2 uses an inadequate account lockout setting that could allow a local user er to brute force Rest API account credentials. IBM X-Force ID: 190974.
CVE-2020-4350 1 Ibm 1 Spectrum Scale 2024-09-17 7.5 High
IBM Spectrum Scale 5.0.0.0 through 5.0.4.4 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 178424.
CVE-2020-4217 1 Ibm 1 Spectrum Scale 2024-09-16 7.5 High
The IBM Spectrum Scale 4.2 and 5.0 file system component is affected by a denial of service security vulnerability. An attacker can force the Spectrum Scale mmfsd/mmsdrserv daemons to unexpectedly exit, impacting the functionality of the Spectrum Scale cluster and the availability of file systems managed by Spectrum Scale. IBM X-Force ID: 175067.
CVE-2020-4756 1 Ibm 2 Elastic Storage Server, Spectrum Scale 2024-09-16 5.5 Medium
IBM Spectrum Scale V4.2.0.0 through V4.2.3.23 and V5.0.0.0 through V5.0.5.2 as well as IBM Elastic Storage System 6.0.0 through 6.0.1.0 could allow a local attacker to invoke a subset of ioctls on the device with invalid arguments that could crash the keneral and cause a denial of service. IBM X-Force ID: 188599.
CVE-2021-38882 2 Ibm, Linux 2 Spectrum Scale, Linux Kernel 2024-09-16 4.4 Medium
IBM Spectrum Scale 5.1.0 through 5.1.1.1 could allow a privileged admin to destroy filesystem audit logging records before expiration time. IBM X-Force ID: 209164.
CVE-2020-4492 1 Ibm 1 Spectrum Scale 2024-09-16 5.5 Medium
IBM Spectrum Scale V5.0.0.0 through V5.0.4.3 and V4.2.0.0 through V4.2.3.21 could allow a local attacker to cause a denial of service crashing the kernel by sending a subset of ioctls on the device with invalid arguments. IBM X-Force ID: 181992.
CVE-2019-4665 1 Ibm 1 Spectrum Scale 2024-09-16 5.4 Medium
IBM Spectrum Scale 4.2 and 5.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 171247.
CVE-2020-4379 1 Ibm 1 Spectrum Scale 2024-09-16 7.5 High
IBM Spectrum Scale 5.0.0.0 through 5.0.4.4 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 179158.
CVE-2021-29666 2 Ibm, Linux 2 Spectrum Scale, Linux Kernel 2024-09-16 5.4 Medium
IBM Spectrum Scale 5.0.0 through 5.0.5.6 and 5.1.0 through 5.1.0.2 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 199400.
CVE-2020-4348 1 Ibm 1 Spectrum Scale 2024-09-16 6.5 Medium
IBM Spectrum Scale 4.2.0.0 through 4.2.3.21 and 5.0.0.0 through 5.0.4.4 could allow an authenticated GUI user to perform unauthorized actions due to missing function level access control. IBM X-Force ID: 178414
CVE-2022-22368 3 Ibm, Linux, Microsoft 4 Aix, Spectrum Scale, Linux Kernel and 1 more 2024-09-16 7.5 High
IBM Spectrum Scale 5.1.0 through 5.1.3.0 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 221012.