Filtered by vendor Ibm
Subscriptions
Filtered by product Spectrum Scale
Subscriptions
Total
57 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2021-29666 | 2 Ibm, Linux | 2 Spectrum Scale, Linux Kernel | 2021-05-07 | 5.4 Medium |
| IBM Spectrum Scale 5.0.0 through 5.0.5.6 and 5.1.0 through 5.1.0.2 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 199400. | ||||
| CVE-2021-29667 | 2 Ibm, Linux | 2 Spectrum Scale, Linux Kernel | 2021-05-05 | 7.8 High |
| IBM Spectrum Scale 5.0.0 through 5.0.5.6 and 5.1.0 through 5.1.0.2 is potentially vulnerable to CSV Injection. A remote attacker could execute arbitrary commands on the system, caused by improper validation of csv file contents. IBM X-Force ID: 199403. | ||||
| CVE-2020-4851 | 1 Ibm | 1 Spectrum Scale | 2021-03-22 | 5.5 Medium |
| IBM Spectrum Scale 5.0.0 through 5.0.5.5 and 5.1.0 through 5.1.0.2 could allow a local user to poison log files which could impact support and development efforts. IBM X-Force ID: 190450. | ||||
| CVE-2020-4891 | 1 Ibm | 1 Spectrum Scale | 2021-03-22 | 5.5 Medium |
| IBM Spectrum Scale 5.0.0 through 5.0.5.5 and 5.1.0 through 5.1.0.2 uses an inadequate account lockout setting that could allow a local user er to brute force Rest API account credentials. IBM X-Force ID: 190974. | ||||
| CVE-2020-4889 | 2 Ibm, Linux | 2 Spectrum Scale, Linux Kernel | 2021-01-29 | 3.3 Low |
| IBM Spectrum Scale 5.0.0 through 5.0.5.4 and 5.1.0 could allow a local user to poison log files which could impact support and development efforts. IBM X-Force ID: 190971. | ||||
| CVE-2020-4756 | 1 Ibm | 2 Elastic Storage Server, Spectrum Scale | 2020-10-20 | 5.5 Medium |
| IBM Spectrum Scale V4.2.0.0 through V4.2.3.23 and V5.0.0.0 through V5.0.5.2 as well as IBM Elastic Storage System 6.0.0 through 6.0.1.0 could allow a local attacker to invoke a subset of ioctls on the device with invalid arguments that could crash the keneral and cause a denial of service. IBM X-Force ID: 188599. | ||||
| CVE-2020-4755 | 1 Ibm | 1 Spectrum Scale | 2020-10-20 | 5.4 Medium |
| IBM Spectrum Scale 5.0.0 through 5.0.5.2 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 188595. | ||||
| CVE-2020-4748 | 1 Ibm | 1 Spectrum Scale | 2020-10-20 | 6.1 Medium |
| IBM Spectrum Scale 5.0.0 through 5.0.5.2 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 188517. | ||||
| CVE-2020-4749 | 1 Ibm | 1 Spectrum Scale | 2020-10-20 | 4.3 Medium |
| IBM Spectrum Scale 5.0.0 through 5.0.5.2 does not set the secure attribute on authorization tokens or session cookies. Attackers may be able to get the cookie values by sending a http:// link to a user or by planting this link in a site the user goes to. The cookie will be sent to the insecure link and the attacker can then obtain the cookie value by snooping the traffic. IBM X-Force ID: 188518. | ||||
| CVE-2020-4492 | 1 Ibm | 1 Spectrum Scale | 2020-08-31 | 5.5 Medium |
| IBM Spectrum Scale V5.0.0.0 through V5.0.4.3 and V4.2.0.0 through V4.2.3.21 could allow a local attacker to cause a denial of service crashing the kernel by sending a subset of ioctls on the device with invalid arguments. IBM X-Force ID: 181992. | ||||
| CVE-2018-1783 | 1 Ibm | 1 Spectrum Scale | 2020-08-24 | N/A |
| IBM GPFS (IBM Spectrum Scale 4.1.1.0, 4.1.1.20, 4.2.0.0, 4.2.3.10, 5.0.0 and 5.0.1.2) command line utility allows an unprivileged, authenticated user with access to a GPFS node to forcefully terminate GPFS and deny access to data available through GPFS. IBM X-Force ID: 148806. | ||||
| CVE-2020-4349 | 1 Ibm | 1 Spectrum Scale | 2020-05-27 | 7.5 High |
| IBM Spectrum Scale 5.0.0.0 through 5.0.4.4 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 178423. | ||||
| CVE-2020-4358 | 1 Ibm | 1 Spectrum Scale | 2020-05-27 | 5.4 Medium |
| IBM Spectrum Scale 5.0.0.0 through 5.0.4.4 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 178762. | ||||
| CVE-2020-4350 | 1 Ibm | 1 Spectrum Scale | 2020-05-27 | 7.5 High |
| IBM Spectrum Scale 5.0.0.0 through 5.0.4.4 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 178424. | ||||
| CVE-2020-4378 | 1 Ibm | 1 Spectrum Scale | 2020-05-27 | 4.9 Medium |
| IBM Spectrum Scale 5.0.0.0 through 5.0.4.4 could allow a privileged authenticated user to perform unauthorized actions using a specially crated HTTP POST command. IBM X-Force ID: 179157. | ||||
| CVE-2020-4379 | 1 Ibm | 1 Spectrum Scale | 2020-05-27 | 7.5 High |
| IBM Spectrum Scale 5.0.0.0 through 5.0.4.4 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 179158. | ||||
| CVE-2020-4411 | 2 Ibm, Linux | 3 Aix, Spectrum Scale, Linux Kernel | 2020-05-19 | 7.1 High |
| The Spectrum Scale 4.2.0.0 through 4.2.3.21 and 5.0.0.0 through 5.0.4.3 file system component is affected by a denial of service vulnerability in its kernel module that could allow an attacker to cause a denial of service condition on the affected system. To exploit this vulnerability, a local attacker could invoke a subset of ioctls on the Spectrum Scale device with non-valid arguments. This could allow the attacker to crash the kernel. IBM X-Force ID: 179986. | ||||
| CVE-2020-4412 | 2 Ibm, Linux | 3 Aix, Spectrum Scale, Linux Kernel | 2020-05-19 | 5.3 Medium |
| The Spectrum Scale 4.2.0.0 through 4.2.3.21 and 5.0.0.0 through 5.0.4.3 file system component is affected by a denial of service security vulnerability. An attacker can force the Spectrum Scale mmfsd/mmsdrserv daemons to unexpectedly exit, impacting the functionality of the Spectrum Scale cluster and the availability of file systems managed by Spectrum Scale. IBM X-Force ID: 179987. | ||||
| CVE-2020-4242 | 1 Ibm | 2 Spectrum Protect Plus, Spectrum Scale | 2020-03-31 | 8.8 High |
| IBM Spectrum Scale and IBM Spectrum Protect Plus 10.1.0 through 10.1.5 could allow a remote authenticated attacker to execute arbitrary commands on the system. By sending a specially crafted request, an attacker could exploit this vulnerability to execute arbitrary commands on the system. IBM X-Force ID: 175419. | ||||
| CVE-2020-4241 | 1 Ibm | 2 Spectrum Protect Plus, Spectrum Scale | 2020-03-31 | 8.8 High |
| IBM Spectrum Scale and IBM Spectrum Protect Plus 10.1.0 through 10.1.5 could allow a remote authenticated attacker to execute arbitrary commands on the system. By sending a specially crafted request, an attacker could exploit this vulnerability to execute arbitrary commands on the system. IBM X-Force ID: 175418. | ||||