{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2016-08-04T00:00:00.000Z", "descriptions": [{"lang": "en", "value": "IBM Spectrum Scale 4.1.1.x before 4.1.1.8 and 4.2.x before 4.2.0.4 and General Parallel File System (GPFS) 3.5.x before 3.5.0.32 and 4.1.x before 4.1.1.8 allow local users to gain privileges via crafted environment variables to a /usr/lpp/mmfs/bin/ setuid program."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2016-11-25T19:57:01.000Z", "orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522", "shortName": "ibm"}, "references": [{"name": "92408", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/92408"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1007994"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "psirt@us.ibm.com", "ID": "CVE-2016-2985", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "IBM Spectrum Scale 4.1.1.x before 4.1.1.8 and 4.2.x before 4.2.0.4 and General Parallel File System (GPFS) 3.5.x before 3.5.0.32 and 4.1.x before 4.1.1.8 allow local users to gain privileges via crafted environment variables to a /usr/lpp/mmfs/bin/ setuid program."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "92408", "refsource": "BID", "url": "http://www.securityfocus.com/bid/92408"}, {"name": "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1007994", "refsource": "CONFIRM", "url": "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1007994"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-05T23:40:14.380Z"}, "title": "CVE Program Container", "references": [{"name": "92408", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/92408"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1007994"}]}]}, "cveMetadata": {"assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522", "assignerShortName": "ibm", "cveId": "CVE-2016-2985", "datePublished": "2016-11-25T03:38:00.000Z", "dateReserved": "2016-03-09T00:00:00.000Z", "dateUpdated": "2024-08-05T23:40:14.380Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:ibm:spectrum_scale:4.1.1.0:*:*:*:*:*:*:*", "matchCriteriaId": "2E29D816-7A73-47EA-8DE6-E553CA0D1079", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:spectrum_scale:4.1.1.1:*:*:*:*:*:*:*", "matchCriteriaId": "18C5A85C-F932-44CF-B3EA-691737C96C52", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:spectrum_scale:4.1.1.2:*:*:*:*:*:*:*", "matchCriteriaId": "9385B07C-881D-4A4E-A0F5-FF1BC88F8CFF", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:spectrum_scale:4.1.1.3:*:*:*:*:*:*:*", "matchCriteriaId": "27319318-1C09-4CEE-BAE2-6E52C8FD8DCA", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:spectrum_scale:4.1.1.4:*:*:*:*:*:*:*", "matchCriteriaId": "85F22D48-CB9C-434A-AFD7-50E4E980D1DA", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:spectrum_scale:4.1.1.5:*:*:*:*:*:*:*", "matchCriteriaId": "52D0326F-B03A-4476-8E94-BC0D8ADD5321", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:spectrum_scale:4.1.1.6:*:*:*:*:*:*:*", "matchCriteriaId": "564BDF5A-EAFF-47F5-A670-2019BB508DD5", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:spectrum_scale:4.1.1.7:*:*:*:*:*:*:*", "matchCriteriaId": "5E93E3DC-F8FA-493F-AD79-0DED309F3D9D", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:spectrum_scale:4.1.1.8:*:*:*:*:*:*:*", "matchCriteriaId": "1578B640-B312-4BE8-8036-9DCC7201B04E", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:spectrum_scale:4.2.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "9A55A717-5CA2-4073-80AA-16044EC23B7B", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:spectrum_scale:4.2.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "11BAE960-B5C8-4566-8D18-B2754069C933", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:spectrum_scale:4.2.0.2:*:*:*:*:*:*:*", "matchCriteriaId": "D788F7B7-E3F5-495D-BF0D-EB5D6A57D84F", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:spectrum_scale:4.2.0.3:*:*:*:*:*:*:*", "matchCriteriaId": "33B349F3-C4A5-4EDA-8579-17AF297E4BA0", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:ibm:general_parallel_file_system:3.5.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "89F44D96-CDE6-405D-ACDB-D1B699F3ED9B", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:general_parallel_file_system:3.5.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "FC456A68-AF06-4862-A8FF-DF96A398C25B", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:general_parallel_file_system:3.5.0.2:*:*:*:*:*:*:*", "matchCriteriaId": "FC814EC9-DDBE-48AD-996F-4684348A31C6", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:general_parallel_file_system:3.5.0.3:*:*:*:*:*:*:*", "matchCriteriaId": "4D08020F-C3F5-4175-B671-73AA12E8F571", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:general_parallel_file_system:3.5.0.4:*:*:*:*:*:*:*", "matchCriteriaId": "370EEC39-3CE4-43AD-AF18-D585D214130A", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:general_parallel_file_system:3.5.0.5:*:*:*:*:*:*:*", "matchCriteriaId": "78041991-E33E-4A0F-85A9-07ABC30253F2", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:general_parallel_file_system:3.5.0.6:*:*:*:*:*:*:*", "matchCriteriaId": "DF402081-402A-4277-A83C-729DF038F25D", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:general_parallel_file_system:3.5.0.7:*:*:*:*:*:*:*", "matchCriteriaId": "2F32AE31-9C7C-4FFC-A4FB-9C6D13D02E36", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:general_parallel_file_system:3.5.0.8:*:*:*:*:*:*:*", "matchCriteriaId": "A3F9A954-7411-4977-8735-9F61CC3F5E4C", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:general_parallel_file_system:3.5.0.9:*:*:*:*:*:*:*", "matchCriteriaId": "E8638C2C-434E-4716-BB4F-F759FFFAD008", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:general_parallel_file_system:3.5.0.10:*:*:*:*:*:*:*", "matchCriteriaId": "37D91B69-57BC-4011-AD90-531B52C1C23A", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:general_parallel_file_system:3.5.0.11:*:*:*:*:*:*:*", "matchCriteriaId": "3061EBC4-981B-4C1E-B4B6-05CE75AC835C", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:general_parallel_file_system:3.5.0.12:*:*:*:*:*:*:*", "matchCriteriaId": "C3C114FE-1A1A-4048-BEF9-2C8637136FFC", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:general_parallel_file_system:3.5.0.13:*:*:*:*:*:*:*", "matchCriteriaId": "58466B0C-9811-42CB-8062-305143F0EC85", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:general_parallel_file_system:3.5.0.14:*:*:*:*:*:*:*", "matchCriteriaId": "1C1C55A6-EDA7-4039-BB9F-793C08542B19", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:general_parallel_file_system:3.5.0.15:*:*:*:*:*:*:*", "matchCriteriaId": "442E3A3A-3056-4D1F-BEBD-253FC48BA39E", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:general_parallel_file_system:3.5.0.16:*:*:*:*:*:*:*", "matchCriteriaId": "3BE5DA93-B2EB-438C-B698-75E5F116C02C", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:general_parallel_file_system:3.5.0.17:*:*:*:*:*:*:*", "matchCriteriaId": "61A5E812-9CBD-4FD1-B4A4-8E889B333B67", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:general_parallel_file_system:3.5.0.18:*:*:*:*:*:*:*", "matchCriteriaId": "DC2D24BA-6A99-4A15-A7A7-E4EC054E9CDC", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:general_parallel_file_system:3.5.0.19:*:*:*:*:*:*:*", "matchCriteriaId": "75881EF9-571E-409B-ACA6-B74629FF432E", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:general_parallel_file_system:3.5.0.20:*:*:*:*:*:*:*", "matchCriteriaId": "4D9F09E3-A012-43A7-AD86-0E56F4F9810D", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:general_parallel_file_system:3.5.0.21:*:*:*:*:*:*:*", "matchCriteriaId": "7F886B47-11EE-4575-8AB9-AD96AF1D2571", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:general_parallel_file_system:3.5.0.22:*:*:*:*:*:*:*", "matchCriteriaId": "B3071064-9366-4C0D-8F0C-EB3688A6631A", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:general_parallel_file_system:3.5.0.23:*:*:*:*:*:*:*", "matchCriteriaId": "264DFE33-BCBA-45A9-8225-9807AA3AC30B", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:general_parallel_file_system:3.5.0.24:*:*:*:*:*:*:*", "matchCriteriaId": "171FFBCB-6ECD-4355-9898-0EB76E7ABCA5", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:general_parallel_file_system:3.5.0.25:*:*:*:*:*:*:*", "matchCriteriaId": "10334B9D-7296-426D-9DCE-A12D42842CCD", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:general_parallel_file_system:3.5.0.26:*:*:*:*:*:*:*", "matchCriteriaId": "91CE891C-0901-4AFA-B7FD-3554EAF1B781", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:general_parallel_file_system:3.5.0.27:*:*:*:*:*:*:*", "matchCriteriaId": "E001E389-CF46-4F25-825C-42D74449AEBF", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:general_parallel_file_system:3.5.0.28:*:*:*:*:*:*:*", "matchCriteriaId": "46BFDF57-1CF3-45FA-9989-E77D96CEE291", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:general_parallel_file_system:3.5.0.29:*:*:*:*:*:*:*", "matchCriteriaId": "32051A82-BF76-439B-8D8C-B8EE5B6EAEA1", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:general_parallel_file_system:3.5.0.30:*:*:*:*:*:*:*", "matchCriteriaId": "5F15DE88-ED1E-48B7-A5F2-73278987B4B0", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:general_parallel_file_system:3.5.0.31:*:*:*:*:*:*:*", "matchCriteriaId": "AEE29E4D-65DE-4DEF-962D-2ECE5D62A846", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:general_parallel_file_system:4.1.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "E78F4327-0160-467E-8C2C-BDEBB4149227", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:general_parallel_file_system:4.1.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "BDD19B4F-5738-4CB1-99FC-F40FDA8388AE", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:general_parallel_file_system:4.1.0.2:*:*:*:*:*:*:*", "matchCriteriaId": "B497D629-62AB-4F21-BDF4-02336A19E04C", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:general_parallel_file_system:4.1.0.3:*:*:*:*:*:*:*", "matchCriteriaId": "10E68BB2-4132-46F1-B8E9-9FA03FEB92BF", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:general_parallel_file_system:4.1.0.4:*:*:*:*:*:*:*", "matchCriteriaId": "E1CBA1A7-02AF-4D59-A6FF-9C52903986EE", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:general_parallel_file_system:4.1.0.5:*:*:*:*:*:*:*", "matchCriteriaId": "BEAC1912-1412-45B6-920C-A52510095977", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:general_parallel_file_system:4.1.0.6:*:*:*:*:*:*:*", "matchCriteriaId": "59A4A5C6-8DF0-4431-BE2C-5C6815371C98", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:general_parallel_file_system:4.1.0.7:*:*:*:*:*:*:*", "matchCriteriaId": "F90908FF-0E10-4AFD-A38C-4D5E50C05FF3", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:general_parallel_file_system:4.1.0.8:*:*:*:*:*:*:*", "matchCriteriaId": "591E5985-29A1-4C06-8832-DA1587CFE101", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "IBM Spectrum Scale 4.1.1.x before 4.1.1.8 and 4.2.x before 4.2.0.4 and General Parallel File System (GPFS) 3.5.x before 3.5.0.32 and 4.1.x before 4.1.1.8 allow local users to gain privileges via crafted environment variables to a /usr/lpp/mmfs/bin/ setuid program."}, {"lang": "es", "value": "IBM Spectrum Scale 4.1.1.x en versiones anteriores a 4.1.1.8 y 4.2.x en versiones anteriores a 4.2.0.4 y General Parallel File System (GPFS) 3.5.x en versiones anteriores a 3.5.0.32 y 4.1.x en versiones anteriores a 4.1.1.8 permiten a usuarios locales obtener privilegios a trav\u00e9s de variables de entorno manipuladas a un programa setuid /usr/lpp/mmfs/bin/."}], "id": "CVE-2016-2985", "lastModified": "2025-04-12T10:46:40.837", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 6.9, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:L/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0"}, "exploitabilityScore": 3.4, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV30": [{"cvssData": {"attackComplexity": "HIGH", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.0, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.0"}, "exploitabilityScore": 1.0, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2016-11-25T03:59:03.203", "references": [{"source": "psirt@us.ibm.com", "tags": ["Vendor Advisory"], "url": "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1007994"}, {"source": "psirt@us.ibm.com", "url": "http://www.securityfocus.com/bid/92408"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1007994"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/bid/92408"}], "sourceIdentifier": "psirt@us.ibm.com", "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-264"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{}

{}