Spectrum Scale
by IBM
CVEs (8)
| CVE | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2016-6115 | Hig | 0.47 | 7.2 | 0.04 | Feb 1, 2017 | IBM General Parallel File System is vulnerable to a buffer overflow. A remote authenticated attacker could overflow a buffer and execute arbitrary code on the system with root privileges or cause the server to crash. | |
| CVE-2016-2985 | Hig | 0.46 | 7.0 | 0.00 | Nov 25, 2016 | IBM Spectrum Scale 4.1.1.x before 4.1.1.8 and 4.2.x before 4.2.0.4 and General Parallel File System (GPFS) 3.5.x before 3.5.0.32 and 4.1.x before 4.1.1.8 allow local users to gain privileges via crafted environment variables to a /usr/lpp/mmfs/bin/ setuid program. | |
| CVE-2016-0263 | Hig | 0.46 | 7.0 | 0.00 | Jun 29, 2016 | IBM Spectrum Scale 4.1 before 4.1.1.5 and 4.2 before 4.2.0.2 and General Parallel File System 3.5 before 3.5.0.30 allow local users to gain privileges or cause a denial of service via a crafted mmapplypolicy command. | |
| CVE-2015-7456 | Med | 0.42 | 6.5 | 0.00 | Jan 1, 2016 | IBM Spectrum Scale 4.1.1 before 4.1.1.4, and 4.2.0.0, allows remote authenticated users to discover object-storage admin passwords via unspecified vectors. | |
| CVE-2015-7488 | Med | 0.38 | 5.9 | 0.00 | Jan 27, 2016 | IBM Spectrum Scale 4.1.1.x before 4.1.1.4 and 4.2.x before 4.2.0.1, in certain LDAP File protocol configurations, allows remote attackers to discover an LDAP password via unspecified vectors. | |
| CVE-2015-7403 | Med | 0.26 | 4.0 | 0.00 | Jan 2, 2016 | IBM Spectrum Scale 4.1.1.x before 4.1.1.3 and General Parallel File System (GPFS) 3.5.x before 3.5.0.29 and 4.1.x through 4.1.0.8 on AIX allow local users to cause a denial of service (incorrect pointer dereference and node crash) via unspecified vectors. | |
| CVE-2015-4981 | 0.00 | — | 0.00 | Oct 26, 2015 | IBM General Parallel File System (GPFS) 3.5.x before 3.5.0.27 and 4.1.x before 4.1.1.2 and Spectrum Scale 4.1.1.x before 4.1.1.2 allow local users to obtain sensitive information from system memory via unspecified vectors. | ||
| CVE-2015-4974 | 0.00 | — | 0.00 | Oct 26, 2015 | IBM General Parallel File System (GPFS) 3.5.x before 3.5.0.27 and 4.1.x before 4.1.1.2 and Spectrum Scale 4.1.1.x before 4.1.1.2 allow local users to obtain root privileges for command execution via unspecified vectors. |