VYPR

Spectrum Scale

by IBM

CVEs (63)

  • CVE-2020-4748Oct 20, 2020
    risk 0.00cvss epss 0.01

    IBM Spectrum Scale 5.0.0 through 5.0.5.2 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM…

  • CVE-2020-4491Oct 20, 2020
    risk 0.00cvss epss 0.00

    IBM Spectrum Scale V4.2.0.0 through V4.2.3.22 and V5.0.0.0 through V5.0.5 could allow a local attacker to cause a denial of service by sending a large number of RPC requests to the mmfsd daemon which would cause the service to crash. IBM X-Force ID: 181991.

  • CVE-2020-4492Aug 31, 2020
    risk 0.00cvss epss 0.00

    IBM Spectrum Scale V5.0.0.0 through V5.0.4.3 and V4.2.0.0 through V4.2.3.21 could allow a local attacker to cause a denial of service crashing the kernel by sending a subset of ioctls on the device with invalid arguments. IBM X-Force ID: 181992.

  • CVE-2020-4383Aug 24, 2020
    risk 0.00cvss epss 0.01

    IBM Spectrum Scale for IBM Elastic Storage Server 5.3.0 through 5.3.5 could allow an authenticated user to cause a denial of service during deployment while configuring some of the network services. IBM X-Force ID: 179165.

  • CVE-2020-4379May 27, 2020
    risk 0.00cvss epss 0.01

    IBM Spectrum Scale 5.0.0.0 through 5.0.4.4 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 179158.

  • CVE-2020-4378May 27, 2020
    risk 0.00cvss epss 0.01

    IBM Spectrum Scale 5.0.0.0 through 5.0.4.4 could allow a privileged authenticated user to perform unauthorized actions using a specially crated HTTP POST command. IBM X-Force ID: 179157.

  • CVE-2020-4358May 27, 2020
    risk 0.00cvss epss 0.01

    IBM Spectrum Scale 5.0.0.0 through 5.0.4.4 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM…

  • CVE-2020-4357May 27, 2020
    risk 0.00cvss epss 0.01

    IBM Spectrum Scale 5.0.0.0 through 5.0.4.4 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This information could be used in further attacks against the system. IBM X-Force ID: 178761.

  • CVE-2020-4350May 27, 2020
    risk 0.00cvss epss 0.01

    IBM Spectrum Scale 5.0.0.0 through 5.0.4.4 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 178424.

  • CVE-2020-4349May 27, 2020
    risk 0.00cvss epss 0.01

    IBM Spectrum Scale 5.0.0.0 through 5.0.4.4 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 178423.

  • CVE-2020-4348May 27, 2020
    risk 0.00cvss epss 0.01

    IBM Spectrum Scale 4.2.0.0 through 4.2.3.21 and 5.0.0.0 through 5.0.4.4 could allow an authenticated GUI user to perform unauthorized actions due to missing function level access control. IBM X-Force ID: 178414

  • CVE-2020-4412May 19, 2020
    risk 0.00cvss epss 0.01

    The Spectrum Scale 4.2.0.0 through 4.2.3.21 and 5.0.0.0 through 5.0.4.3 file system component is affected by a denial of service security vulnerability. An attacker can force the Spectrum Scale mmfsd/mmsdrserv daemons to unexpectedly exit, impacting the functionality of the…

  • CVE-2020-4411May 19, 2020
    risk 0.00cvss epss 0.00

    The Spectrum Scale 4.2.0.0 through 4.2.3.21 and 5.0.0.0 through 5.0.4.3 file system component is affected by a denial of service vulnerability in its kernel module that could allow an attacker to cause a denial of service condition on the affected system. To exploit this…

  • CVE-2020-4273Apr 3, 2020
    risk 0.00cvss epss 0.00

    IBM Spectrum Scale 4.2 and 5.0 could allow a local unprivileged attacker with intimate knowledge of the enviornment to execute commands as root using specially crafted input. IBM X-Force ID: 175977.

  • CVE-2020-4242Mar 31, 2020
    risk 0.00cvss epss 0.05

    IBM Spectrum Scale and IBM Spectrum Protect Plus 10.1.0 through 10.1.5 could allow a remote authenticated attacker to execute arbitrary commands on the system. By sending a specially crafted request, an attacker could exploit this vulnerability to execute arbitrary commands on…

  • CVE-2020-4217Mar 9, 2020
    risk 0.00cvss epss 0.01

    The IBM Spectrum Scale 4.2 and 5.0 file system component is affected by a denial of service security vulnerability. An attacker can force the Spectrum Scale mmfsd/mmsdrserv daemons to unexpectedly exit, impacting the functionality of the Spectrum Scale cluster and the…

  • CVE-2019-4715Dec 11, 2019
    risk 0.00cvss epss 0.04

    IBM Spectrum Scale 4.2 and 5.0 could allow a remote authenticated attacker to execute arbitrary commands on the system. By sending a specially-crafted request, an attacker could exploit this vulnerability to execute arbitrary commands on the system. IBM X-Force ID: 172093.

  • CVE-2019-4665Dec 11, 2019
    risk 0.00cvss epss 0.01

    IBM Spectrum Scale 4.2 and 5.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID:…

  • CVE-2019-4558Oct 9, 2019
    risk 0.00cvss epss 0.01

    A security vulnerability has been identified in all levels of IBM Spectrum Scale V5.0.0.0 through V5.0.3.2 and IBM Spectrum Scale V4.2.0.0 through V4.2.3.17 that could allow a local attacker to obtain root privilege by injecting parameters into setuid files.

  • CVE-2019-4259May 13, 2019
    risk 0.00cvss epss 0.00

    A security vulnerability has been identified in IBM Spectrum Scale 4.1.1, 4.2.0, 4.2.1, 4.2.2, 4.2.3, and 5.0.0 with CES stack enabled that could allow sensitive data to be included with service snaps. IBM X-Force ID: 160011.