Total
14 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2018-1431 | 1 Ibm | 2 General Parallel File System, Spectrum Scale | 2024-02-04 | 4.6 MEDIUM | 7.8 HIGH |
A vulnerability in GSKit affects IBM Spectrum Scale 4.1.1, 4.2.0, 4.2.1, 4.2.3, and 5.0.0 that could allow a local attacker to obtain control of the Spectrum Scale daemon and to access and modify files in the Spectrum Scale file system, and possibly to obtain administrator privileges on the node. IBM X-Force ID: 139240. | |||||
CVE-2017-1654 | 1 Ibm | 2 General Parallel File System, Spectrum Scale | 2024-02-04 | 2.1 LOW | 3.3 LOW |
IBM Spectrum Scale 4.1.1 and 4.2.0 - 4.2.3 could allow a local unprivileged user access to information located in dump files. User data could be sent to IBM during service engagements. IBM X-Force ID: 133378. | |||||
CVE-2016-2984 | 1 Ibm | 2 General Parallel File System, Spectrum Scale | 2024-02-04 | 6.9 MEDIUM | 7.0 HIGH |
IBM Spectrum Scale 4.1.1.x before 4.1.1.8 and 4.2.x before 4.2.0.4 and General Parallel File System (GPFS) 3.5.x before 3.5.0.32 and 4.1.x before 4.1.1.8 allow local users to gain privileges via crafted command-line parameters to a /usr/lpp/mmfs/bin/ setuid program. | |||||
CVE-2016-2985 | 1 Ibm | 2 General Parallel File System, Spectrum Scale | 2024-02-04 | 6.9 MEDIUM | 7.0 HIGH |
IBM Spectrum Scale 4.1.1.x before 4.1.1.8 and 4.2.x before 4.2.0.4 and General Parallel File System (GPFS) 3.5.x before 3.5.0.32 and 4.1.x before 4.1.1.8 allow local users to gain privileges via crafted environment variables to a /usr/lpp/mmfs/bin/ setuid program. | |||||
CVE-2016-6115 | 1 Ibm | 2 General Parallel File System, Spectrum Scale | 2024-02-04 | 9.0 HIGH | 7.2 HIGH |
IBM General Parallel File System is vulnerable to a buffer overflow. A remote authenticated attacker could overflow a buffer and execute arbitrary code on the system with root privileges or cause the server to crash. | |||||
CVE-2015-4974 | 1 Ibm | 2 General Parallel File System, Spectrum Scale | 2024-02-04 | 7.2 HIGH | N/A |
IBM General Parallel File System (GPFS) 3.5.x before 3.5.0.27 and 4.1.x before 4.1.1.2 and Spectrum Scale 4.1.1.x before 4.1.1.2 allow local users to obtain root privileges for command execution via unspecified vectors. | |||||
CVE-2015-4981 | 1 Ibm | 2 General Parallel File System, Spectrum Scale | 2024-02-04 | 2.1 LOW | N/A |
IBM General Parallel File System (GPFS) 3.5.x before 3.5.0.27 and 4.1.x before 4.1.1.2 and Spectrum Scale 4.1.1.x before 4.1.1.2 allow local users to obtain sensitive information from system memory via unspecified vectors. | |||||
CVE-2015-7403 | 1 Ibm | 2 General Parallel File System, Spectrum Scale | 2024-02-04 | 2.1 LOW | 4.0 MEDIUM |
IBM Spectrum Scale 4.1.1.x before 4.1.1.3 and General Parallel File System (GPFS) 3.5.x before 3.5.0.29 and 4.1.x through 4.1.0.8 on AIX allow local users to cause a denial of service (incorrect pointer dereference and node crash) via unspecified vectors. | |||||
CVE-2016-0361 | 1 Ibm | 1 General Parallel File System | 2024-02-04 | 4.0 MEDIUM | 6.5 MEDIUM |
IBM General Parallel File System (GPFS) 3.5 before 3.5.0.29 efix 6 and 4.1.1 before 4.1.1.4 efix 9, when the Spectrum Scale GUI is used with DB2 on Linux, UNIX and Windows, allows remote authenticated users to obtain sensitive information via unspecified vectors, as demonstrated by discovering ADMIN passwords. | |||||
CVE-2015-1890 | 1 Ibm | 1 General Parallel File System | 2024-02-04 | 3.5 LOW | N/A |
/usr/lpp/mmfs/bin/gpfs.snap in IBM General Parallel File System (GPFS) 4.1 before 4.1.0.7 produces an archive potentially containing cleartext keys, and lacks a warning about reviewing this archive to detect included keys, which might allow remote attackers to obtain sensitive information by leveraging access to a technical-support data stream. | |||||
CVE-2015-0197 | 1 Ibm | 1 General Parallel File System | 2024-02-04 | 7.2 HIGH | N/A |
IBM General Parallel File System (GPFS) 3.4 before 3.4.0.32, 3.5 before 3.5.0.24, and 4.1 before 4.1.0.7 allows local users to obtain root privileges for program execution via unspecified vectors. | |||||
CVE-2015-0198 | 1 Ibm | 1 General Parallel File System | 2024-02-04 | 10.0 HIGH | N/A |
IBM General Parallel File System (GPFS) 3.4 before 3.4.0.32, 3.5 before 3.5.0.24, and 4.1 before 4.1.0.7 in certain cipherList configurations allows remote attackers to bypass authentication and execute arbitrary programs as root via unspecified vectors. | |||||
CVE-2015-0199 | 1 Ibm | 1 General Parallel File System | 2024-02-04 | 4.9 MEDIUM | N/A |
The mmfslinux kernel module in IBM General Parallel File System (GPFS) 3.4 before 3.4.0.32, 3.5 before 3.5.0.24, and 4.1 before 4.1.0.7 allows local users to cause a denial of service (memory corruption) via unspecified character-device ioctl calls. | |||||
CVE-2014-0834 | 1 Ibm | 1 General Parallel File System | 2024-02-04 | 4.0 MEDIUM | N/A |
IBM General Parallel File System (GPFS) 3.4 through 3.4.0.27 and 3.5 through 3.5.0.16 allows attackers to cause a denial of service (daemon crash) via crafted arguments to a setuid program. |