Vulnerability Details : CVE-2015-0197
IBM General Parallel File System (GPFS) 3.4 before 3.4.0.32, 3.5 before 3.5.0.24, and 4.1 before 4.1.0.7 allows local users to obtain root privileges for program execution via unspecified vectors.
Products affected by CVE-2015-0197
- cpe:2.3:a:ibm:general_parallel_file_system:3.4:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:general_parallel_file_system:4.1:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:general_parallel_file_system:3.5:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2015-0197
0.04%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 6 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2015-0197
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
7.2
|
HIGH | AV:L/AC:L/Au:N/C:C/I:C/A:C |
3.9
|
10.0
|
NIST |
CWE ids for CVE-2015-0197
-
Assigned by: nvd@nist.gov (Primary)
References for CVE-2015-0197
-
http://www-304.ibm.com/support/docview.wss?uid=swg21902662
IBM Security Bulletin: Multiple vulnerabilities in GPFS affects IBM® DB2® LUW on AIX and Linux (CVE-2015-0197, CVE-2015-0198, CVE-2015-0199)
-
http://www.securitytracker.com/id/1032880
IBM DB2 Lets Local and Remote Users Gain Root Privileges and Local Users Deny Service - SecurityTracker
-
http://www-01.ibm.com/support/docview.wss?uid=isg3T1022062
IBM Security Bulletin: IBM General Parallel File System is affected by security vulnerabilities (CVE-2015-0197, CVE-2015-0198, CVE-2015-0199)Vendor Advisory;Patch
-
http://www.securityfocus.com/bid/73282
IBM General Parallel File System CVE-2015-0197 Unspecified Local Privilege Escalation Vulnerability
Jump to