Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Spectrum_scale
(Ibm)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 56 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2022-05-24 | CVE-2020-4926 | A vulnerability in the Spectrum Scale 5.1 core component and IBM Elastic Storage System 6.1 could allow unauthorized access to user data or injection of arbitrary data in the communication protocol. IBM X-Force ID: 191600. | Elastic_storage_system, Spectrum_scale | 9.1 | ||
| 2022-05-03 | CVE-2022-22368 | IBM Spectrum Scale 5.1.0 through 5.1.3.0 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 221012. | Spectrum_scale | 7.5 | ||
| 2021-04-27 | CVE-2020-4981 | IBM Spectrum Scale 5.0.4.1 through 5.1.0.3 could allow a local privileged user to overwrite files due to improper input validation. IBM X-Force ID: 192541. | Spectrum_scale | 6.0 | ||
| 2021-11-16 | CVE-2021-38882 | IBM Spectrum Scale 5.1.0 through 5.1.1.1 could allow a privileged admin to destroy filesystem audit logging records before expiration time. IBM X-Force ID: 209164. | Spectrum_scale | 4.4 | ||
| 2019-12-11 | CVE-2019-4715 | IBM Spectrum Scale 4.2 and 5.0 could allow a remote authenticated attacker to execute arbitrary commands on the system. By sending a specially-crafted request, an attacker could exploit this vulnerability to execute arbitrary commands on the system. IBM X-Force ID: 172093. | Spectrum_scale | 8.8 | ||
| 2020-04-03 | CVE-2020-4273 | IBM Spectrum Scale 4.2 and 5.0 could allow a local unprivileged attacker with intimate knowledge of the enviornment to execute commands as root using specially crafted input. IBM X-Force ID: 175977. | Spectrum_scale | 7.8 | ||
| 2020-05-27 | CVE-2020-4348 | IBM Spectrum Scale 4.2.0.0 through 4.2.3.21 and 5.0.0.0 through 5.0.4.4 could allow an authenticated GUI user to perform unauthorized actions due to missing function level access control. IBM X-Force ID: 178414 | Spectrum_scale | 6.5 | ||
| 2020-05-27 | CVE-2020-4357 | IBM Spectrum Scale 5.0.0.0 through 5.0.4.4 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This information could be used in further attacks against the system. IBM X-Force ID: 178761. | Spectrum_scale | 4.3 | ||
| 2020-10-20 | CVE-2020-4491 | IBM Spectrum Scale V4.2.0.0 through V4.2.3.22 and V5.0.0.0 through V5.0.5 could allow a local attacker to cause a denial of service by sending a large number of RPC requests to the mmfsd daemon which would cause the service to crash. IBM X-Force ID: 181991. | Spectrum_scale | 5.5 | ||
| 2021-06-01 | CVE-2021-29740 | IBM Spectrum Scale 5.0.0 through 5.0.5.6 and 5.1.0 through 5.1.0.3 system core component is affected by a format string security vulnerability. An attacker could execute arbitrary code in the context of process memory, potentially escalating their system privileges and taking control over the entire system with root access. IBM X-Force ID: 201474. | Spectrum_scale | 7.8 |