A vulnerability in GSKit affects IBM Spectrum Scale 4.1.1, 4.2.0, 4.2.1, 4.2.3, and 5.0.0 that could allow a local attacker to obtain control of the Spectrum Scale daemon and to access and modify files in the Spectrum Scale file system, and possibly to obtain administrator privileges on the node. IBM X-Force ID: 139240.
Max CVSS
7.8
EPSS Score
0.04%
Published
2018-06-13
Updated
2019-10-09
IBM General Parallel File System is vulnerable to a buffer overflow. A remote authenticated attacker could overflow a buffer and execute arbitrary code on the system with root privileges or cause the server to crash.
Max CVSS
9.0
EPSS Score
4.64%
Published
2017-02-01
Updated
2017-02-15
IBM Spectrum Scale 4.1.1.x before 4.1.1.8 and 4.2.x before 4.2.0.4 and General Parallel File System (GPFS) 3.5.x before 3.5.0.32 and 4.1.x before 4.1.1.8 allow local users to gain privileges via crafted environment variables to a /usr/lpp/mmfs/bin/ setuid program.
Max CVSS
7.0
EPSS Score
0.04%
Published
2016-11-25
Updated
2016-11-28
IBM Spectrum Scale 4.1.1.x before 4.1.1.8 and 4.2.x before 4.2.0.4 and General Parallel File System (GPFS) 3.5.x before 3.5.0.32 and 4.1.x before 4.1.1.8 allow local users to gain privileges via crafted command-line parameters to a /usr/lpp/mmfs/bin/ setuid program.
Max CVSS
7.0
EPSS Score
0.04%
Published
2016-11-25
Updated
2016-11-28
IBM General Parallel File System (GPFS) 3.5.x before 3.5.0.27 and 4.1.x before 4.1.1.2 and Spectrum Scale 4.1.1.x before 4.1.1.2 allow local users to obtain root privileges for command execution via unspecified vectors.
Max CVSS
7.2
EPSS Score
0.04%
Published
2015-10-26
Updated
2016-12-06
IBM General Parallel File System (GPFS) 3.4 before 3.4.0.32, 3.5 before 3.5.0.24, and 4.1 before 4.1.0.7 in certain cipherList configurations allows remote attackers to bypass authentication and execute arbitrary programs as root via unspecified vectors.
Max CVSS
10.0
EPSS Score
0.64%
Published
2015-03-24
Updated
2016-12-31
IBM General Parallel File System (GPFS) 3.4 before 3.4.0.32, 3.5 before 3.5.0.24, and 4.1 before 4.1.0.7 allows local users to obtain root privileges for program execution via unspecified vectors.
Max CVSS
7.2
EPSS Score
0.04%
Published
2015-03-24
Updated
2016-12-31
7 vulnerabilities found
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!