Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Spectrum_scale
(Ibm)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 56 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2020-03-09 | CVE-2020-4217 | The IBM Spectrum Scale 4.2 and 5.0 file system component is affected by a denial of service security vulnerability. An attacker can force the Spectrum Scale mmfsd/mmsdrserv daemons to unexpectedly exit, impacting the functionality of the Spectrum Scale cluster and the availability of file systems managed by Spectrum Scale. IBM X-Force ID: 175067. | Spectrum_scale | 7.5 | ||
| 2020-03-31 | CVE-2020-4241 | IBM Spectrum Scale and IBM Spectrum Protect Plus 10.1.0 through 10.1.5 could allow a remote authenticated attacker to execute arbitrary commands on the system. By sending a specially crafted request, an attacker could exploit this vulnerability to execute arbitrary commands on the system. IBM X-Force ID: 175418. | Spectrum_protect_plus, Spectrum_scale | 8.8 | ||
| 2020-03-31 | CVE-2020-4242 | IBM Spectrum Scale and IBM Spectrum Protect Plus 10.1.0 through 10.1.5 could allow a remote authenticated attacker to execute arbitrary commands on the system. By sending a specially crafted request, an attacker could exploit this vulnerability to execute arbitrary commands on the system. IBM X-Force ID: 175419. | Spectrum_protect_plus, Spectrum_scale | 8.8 | ||
| 2020-04-03 | CVE-2020-4273 | IBM Spectrum Scale 4.2 and 5.0 could allow a local unprivileged attacker with intimate knowledge of the enviornment to execute commands as root using specially crafted input. IBM X-Force ID: 175977. | Spectrum_scale | 7.8 | ||
| 2020-05-19 | CVE-2020-4411 | The Spectrum Scale 4.2.0.0 through 4.2.3.21 and 5.0.0.0 through 5.0.4.3 file system component is affected by a denial of service vulnerability in its kernel module that could allow an attacker to cause a denial of service condition on the affected system. To exploit this vulnerability, a local attacker could invoke a subset of ioctls on the Spectrum Scale device with non-valid arguments. This could allow the attacker to crash the kernel. IBM X-Force ID: 179986. | Spectrum_scale | 7.1 | ||
| 2020-05-19 | CVE-2020-4412 | The Spectrum Scale 4.2.0.0 through 4.2.3.21 and 5.0.0.0 through 5.0.4.3 file system component is affected by a denial of service security vulnerability. An attacker can force the Spectrum Scale mmfsd/mmsdrserv daemons to unexpectedly exit, impacting the functionality of the Spectrum Scale cluster and the availability of file systems managed by Spectrum Scale. IBM X-Force ID: 179987. | Spectrum_scale | 5.3 | ||
| 2020-05-27 | CVE-2020-4348 | IBM Spectrum Scale 4.2.0.0 through 4.2.3.21 and 5.0.0.0 through 5.0.4.4 could allow an authenticated GUI user to perform unauthorized actions due to missing function level access control. IBM X-Force ID: 178414 | Spectrum_scale | 6.5 | ||
| 2020-05-27 | CVE-2020-4349 | IBM Spectrum Scale 5.0.0.0 through 5.0.4.4 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 178423. | Spectrum_scale | 7.5 | ||
| 2020-05-27 | CVE-2020-4350 | IBM Spectrum Scale 5.0.0.0 through 5.0.4.4 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 178424. | Spectrum_scale | 7.5 | ||
| 2020-05-27 | CVE-2020-4357 | IBM Spectrum Scale 5.0.0.0 through 5.0.4.4 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This information could be used in further attacks against the system. IBM X-Force ID: 178761. | Spectrum_scale | 4.3 |