Vulnerabilites related to ibm - general_parallel_file_system
Vulnerability from fkie_nvd
Published
2018-03-02 17:29
Modified
2024-11-21 03:22
Severity ?
4.0 (Medium) - CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
3.3 (Low) - CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
3.3 (Low) - CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
Summary
IBM Spectrum Scale 4.1.1 and 4.2.0 - 4.2.3 could allow a local unprivileged user access to information located in dump files. User data could be sent to IBM during service engagements. IBM X-Force ID: 133378.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| psirt@us.ibm.com | http://www.ibm.com/support/docview.wss?uid=ssg1S1010869 | Patch, Vendor Advisory | |
| psirt@us.ibm.com | http://www.securitytracker.com/id/1040747 | Third Party Advisory, VDB Entry | |
| psirt@us.ibm.com | https://exchange.xforce.ibmcloud.com/vulnerabilities/133378 | VDB Entry, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.ibm.com/support/docview.wss?uid=ssg1S1010869 | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id/1040747 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://exchange.xforce.ibmcloud.com/vulnerabilities/133378 | VDB Entry, Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ibm | spectrum_scale | * | |
| ibm | spectrum_scale | * | |
| ibm | spectrum_scale | * | |
| ibm | spectrum_scale | * | |
| ibm | spectrum_scale | * | |
| ibm | spectrum_scale | 5.0.0.0 | |
| ibm | general_parallel_file_system | 4.1.0.0 | |
| ibm | general_parallel_file_system | 4.1.0.1 | |
| ibm | general_parallel_file_system | 4.1.0.2 | |
| ibm | general_parallel_file_system | 4.1.0.3 | |
| ibm | general_parallel_file_system | 4.1.0.4 | |
| ibm | general_parallel_file_system | 4.1.0.5 | |
| ibm | general_parallel_file_system | 4.1.0.6 | |
| ibm | general_parallel_file_system | 4.1.0.7 | |
| ibm | general_parallel_file_system | 4.1.0.8 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ibm:spectrum_scale:*:*:*:*:*:*:*:*",
"matchCriteriaId": "FFC783AA-F7AA-40A1-8277-214F0D8B118A",
"versionEndIncluding": "4.1.1.18",
"versionStartIncluding": "4.1.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:spectrum_scale:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9D23238D-249E-4DE9-9AD1-561EFB0B8518",
"versionEndIncluding": "4.2.0.4",
"versionStartIncluding": "4.2.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:spectrum_scale:*:*:*:*:*:*:*:*",
"matchCriteriaId": "208F0B90-ABE8-40DA-8344-39C7815B3116",
"versionEndIncluding": "4.2.1.2",
"versionStartIncluding": "4.2.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:spectrum_scale:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4D93CD87-07E5-4020-9383-CFE6219BD243",
"versionEndIncluding": "4.2.2.3",
"versionStartIncluding": "4.2.2.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:spectrum_scale:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6305DEAF-8694-4BCD-8974-A5270268DC79",
"versionEndIncluding": "4.2.3.6",
"versionStartIncluding": "4.2.3.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:spectrum_scale:5.0.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "86C6E40C-8563-438B-AA6A-1C716B6FF1D9",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ibm:general_parallel_file_system:4.1.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E78F4327-0160-467E-8C2C-BDEBB4149227",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:general_parallel_file_system:4.1.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "BDD19B4F-5738-4CB1-99FC-F40FDA8388AE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:general_parallel_file_system:4.1.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "B497D629-62AB-4F21-BDF4-02336A19E04C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:general_parallel_file_system:4.1.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "10E68BB2-4132-46F1-B8E9-9FA03FEB92BF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:general_parallel_file_system:4.1.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "E1CBA1A7-02AF-4D59-A6FF-9C52903986EE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:general_parallel_file_system:4.1.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "BEAC1912-1412-45B6-920C-A52510095977",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:general_parallel_file_system:4.1.0.6:*:*:*:*:*:*:*",
"matchCriteriaId": "59A4A5C6-8DF0-4431-BE2C-5C6815371C98",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:general_parallel_file_system:4.1.0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "F90908FF-0E10-4AFD-A38C-4D5E50C05FF3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:general_parallel_file_system:4.1.0.8:*:*:*:*:*:*:*",
"matchCriteriaId": "591E5985-29A1-4C06-8832-DA1587CFE101",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "IBM Spectrum Scale 4.1.1 and 4.2.0 - 4.2.3 could allow a local unprivileged user access to information located in dump files. User data could be sent to IBM during service engagements. IBM X-Force ID: 133378."
},
{
"lang": "es",
"value": "IBM Spectrum Scale 4.1.1 y 4.2.0 - 4.2.3 podr\u00eda permitir que un usuario local sin privilegios acceda a informaci\u00f3n situada en archivos de volcado. Los datos de usuario podr\u00edan enviarse a IBM durante las interacciones del servicio. IBM X-Force ID: 133378."
}
],
"id": "CVE-2017-1654",
"lastModified": "2024-11-21T03:22:10.793",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 2.1,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 4.0,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.0"
},
"exploitabilityScore": 2.5,
"impactScore": 1.4,
"source": "psirt@us.ibm.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 3.3,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"version": "3.0"
},
"exploitabilityScore": 1.8,
"impactScore": 1.4,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2018-03-02T17:29:00.217",
"references": [
{
"source": "psirt@us.ibm.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.ibm.com/support/docview.wss?uid=ssg1S1010869"
},
{
"source": "psirt@us.ibm.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1040747"
},
{
"source": "psirt@us.ibm.com",
"tags": [
"VDB Entry",
"Vendor Advisory"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/133378"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.ibm.com/support/docview.wss?uid=ssg1S1010869"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1040747"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"VDB Entry",
"Vendor Advisory"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/133378"
}
],
"sourceIdentifier": "psirt@us.ibm.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-200"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2014-02-04 05:39
Modified
2025-04-11 00:51
Severity ?
Summary
IBM General Parallel File System (GPFS) 3.4 through 3.4.0.27 and 3.5 through 3.5.0.16 allows attackers to cause a denial of service (daemon crash) via crafted arguments to a setuid program.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ibm:general_parallel_file_system:3.4.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "56C57F65-F211-4558-8714-A678D32923AF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:general_parallel_file_system:3.4.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "7E962B0E-F613-495B-AFC0-448ACE127E44",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:general_parallel_file_system:3.4.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "71BA8C20-6B88-47B8-B819-79964A96258C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:general_parallel_file_system:3.4.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "4A032F6B-8916-401D-8F4F-074F9F4EF44F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:general_parallel_file_system:3.4.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "718CCCA8-75CA-409B-AF53-2942EE6664E1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:general_parallel_file_system:3.4.0.6:*:*:*:*:*:*:*",
"matchCriteriaId": "349E4748-4000-4994-8784-FFE78BB7251E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:general_parallel_file_system:3.4.0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "3C7894CE-38BA-46F2-9935-E0A9A3FD9305",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:general_parallel_file_system:3.4.0.8:*:*:*:*:*:*:*",
"matchCriteriaId": "303B905A-ED7C-495B-95F9-CD05D8F6C5D9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:general_parallel_file_system:3.4.0.9:*:*:*:*:*:*:*",
"matchCriteriaId": "EE704025-6A5B-406D-9888-2C49ED534725",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:general_parallel_file_system:3.4.0.10:*:*:*:*:*:*:*",
"matchCriteriaId": "6242F401-E3CB-4B9E-AA18-8D9E6088723B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:general_parallel_file_system:3.4.0.11:*:*:*:*:*:*:*",
"matchCriteriaId": "5DA8FA96-9309-44B6-A070-D39BF167658D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:general_parallel_file_system:3.4.0.12:*:*:*:*:*:*:*",
"matchCriteriaId": "7D7AD0BC-A6CA-4291-B706-3CC879DFD093",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:general_parallel_file_system:3.4.0.13:*:*:*:*:*:*:*",
"matchCriteriaId": "C9B034B6-C0D7-49F9-B9CF-D73184F9AF78",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:general_parallel_file_system:3.4.0.14:*:*:*:*:*:*:*",
"matchCriteriaId": "99F8E7C4-D544-4EDA-8B36-6B35EFDCDB70",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:general_parallel_file_system:3.4.0.15:*:*:*:*:*:*:*",
"matchCriteriaId": "BEC11178-3037-42A2-8300-EEEFAAC33BC0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:general_parallel_file_system:3.4.0.16:*:*:*:*:*:*:*",
"matchCriteriaId": "E5A7DCF3-4A54-4D17-89FC-3D68F28260CA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:general_parallel_file_system:3.4.0.17:*:*:*:*:*:*:*",
"matchCriteriaId": "6AE8DBF4-068C-47E3-A359-ACF83FD37E07",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:general_parallel_file_system:3.4.0.18:*:*:*:*:*:*:*",
"matchCriteriaId": "095C8F7D-7AA4-4C5F-85FC-9D25C55FFB57",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:general_parallel_file_system:3.4.0.19:*:*:*:*:*:*:*",
"matchCriteriaId": "46886383-6EA7-45B5-8A28-13AA1F470193",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:general_parallel_file_system:3.4.0.20:*:*:*:*:*:*:*",
"matchCriteriaId": "BD678D34-0B4A-43A2-A186-A2EEB123E9F0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:general_parallel_file_system:3.4.0.21:*:*:*:*:*:*:*",
"matchCriteriaId": "7604EE28-5F33-4B33-B296-C859AE5D1C9C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:general_parallel_file_system:3.4.0.22:*:*:*:*:*:*:*",
"matchCriteriaId": "8C9361CF-1EFC-4CE9-96E5-9891C09A7AAD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:general_parallel_file_system:3.4.0.23:*:*:*:*:*:*:*",
"matchCriteriaId": "6B419D59-6BE4-44E0-9462-7EE53DDC1DED",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:general_parallel_file_system:3.4.0.24:*:*:*:*:*:*:*",
"matchCriteriaId": "A4A6106B-48DC-48AA-A7C8-08737D0FEF3E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:general_parallel_file_system:3.4.0.25:*:*:*:*:*:*:*",
"matchCriteriaId": "B5948593-856C-4312-BBBA-AB5DFA0C88E5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:general_parallel_file_system:3.4.0.26:*:*:*:*:*:*:*",
"matchCriteriaId": "B735AA83-86D2-4CA6-B8AE-8717F136BB77",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:general_parallel_file_system:3.4.0.27:*:*:*:*:*:*:*",
"matchCriteriaId": "121986ED-8964-4644-B835-1C95BF3FAC3A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:general_parallel_file_system:3.5.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "89F44D96-CDE6-405D-ACDB-D1B699F3ED9B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:general_parallel_file_system:3.5.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "FC814EC9-DDBE-48AD-996F-4684348A31C6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:general_parallel_file_system:3.5.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "4D08020F-C3F5-4175-B671-73AA12E8F571",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:general_parallel_file_system:3.5.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "370EEC39-3CE4-43AD-AF18-D585D214130A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:general_parallel_file_system:3.5.0.6:*:*:*:*:*:*:*",
"matchCriteriaId": "DF402081-402A-4277-A83C-729DF038F25D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:general_parallel_file_system:3.5.0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "2F32AE31-9C7C-4FFC-A4FB-9C6D13D02E36",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:general_parallel_file_system:3.5.0.8:*:*:*:*:*:*:*",
"matchCriteriaId": "A3F9A954-7411-4977-8735-9F61CC3F5E4C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:general_parallel_file_system:3.5.0.9:*:*:*:*:*:*:*",
"matchCriteriaId": "E8638C2C-434E-4716-BB4F-F759FFFAD008",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:general_parallel_file_system:3.5.0.10:*:*:*:*:*:*:*",
"matchCriteriaId": "37D91B69-57BC-4011-AD90-531B52C1C23A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:general_parallel_file_system:3.5.0.11:*:*:*:*:*:*:*",
"matchCriteriaId": "3061EBC4-981B-4C1E-B4B6-05CE75AC835C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:general_parallel_file_system:3.5.0.12:*:*:*:*:*:*:*",
"matchCriteriaId": "C3C114FE-1A1A-4048-BEF9-2C8637136FFC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:general_parallel_file_system:3.5.0.13:*:*:*:*:*:*:*",
"matchCriteriaId": "58466B0C-9811-42CB-8062-305143F0EC85",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:general_parallel_file_system:3.5.0.14:*:*:*:*:*:*:*",
"matchCriteriaId": "1C1C55A6-EDA7-4039-BB9F-793C08542B19",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:general_parallel_file_system:3.5.0.15:*:*:*:*:*:*:*",
"matchCriteriaId": "442E3A3A-3056-4D1F-BEBD-253FC48BA39E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:general_parallel_file_system:3.5.0.16:*:*:*:*:*:*:*",
"matchCriteriaId": "3BE5DA93-B2EB-438C-B698-75E5F116C02C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "IBM General Parallel File System (GPFS) 3.4 through 3.4.0.27 and 3.5 through 3.5.0.16 allows attackers to cause a denial of service (daemon crash) via crafted arguments to a setuid program."
},
{
"lang": "es",
"value": "IBM General Parallel File System (GPFS) 3.4 hasta 3.4.0.27 y 3.5 hasta 3.5.0.16 permite a atacantes causar una denegaci\u00f3n de servicio (ca\u00edda del demonio) a trav\u00e9s de argumentos manipulados hacia un programa con el setuid activado."
}
],
"id": "CVE-2014-0834",
"lastModified": "2025-04-11T00:51:21.963",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:S/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2014-02-04T05:39:08.527",
"references": [
{
"source": "psirt@us.ibm.com",
"url": "http://osvdb.org/102765"
},
{
"source": "psirt@us.ibm.com",
"tags": [
"Vendor Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=isg3T1020542"
},
{
"source": "psirt@us.ibm.com",
"tags": [
"Vendor Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IV52863"
},
{
"source": "psirt@us.ibm.com",
"tags": [
"Vendor Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IV54381"
},
{
"source": "psirt@us.ibm.com",
"url": "http://www.securityfocus.com/bid/65297"
},
{
"source": "psirt@us.ibm.com",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/90647"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://osvdb.org/102765"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=isg3T1020542"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IV52863"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IV54381"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/65297"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/90647"
}
],
"sourceIdentifier": "psirt@us.ibm.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-20"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2015-03-24 02:01
Modified
2025-04-12 10:46
Severity ?
Summary
IBM General Parallel File System (GPFS) 3.4 before 3.4.0.32, 3.5 before 3.5.0.24, and 4.1 before 4.1.0.7 allows local users to obtain root privileges for program execution via unspecified vectors.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ibm | general_parallel_file_system | 3.4 | |
| ibm | general_parallel_file_system | 3.5 | |
| ibm | general_parallel_file_system | 4.1 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ibm:general_parallel_file_system:3.4:*:*:*:*:*:*:*",
"matchCriteriaId": "B6C20DD7-88C1-4916-A063-878C95900841",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:general_parallel_file_system:3.5:*:*:*:*:*:*:*",
"matchCriteriaId": "7F13ADEA-CFB7-4302-B7F2-74EF70F08FC9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:general_parallel_file_system:4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "8BE25822-329B-435C-B542-CD108A490FB4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "IBM General Parallel File System (GPFS) 3.4 before 3.4.0.32, 3.5 before 3.5.0.24, and 4.1 before 4.1.0.7 allows local users to obtain root privileges for program execution via unspecified vectors."
},
{
"lang": "es",
"value": "IBM General Parallel File System (GPFS) 3.4 anterior a 3.4.0.32, 3.5 anterior a 3.5.0.24, y 4.1 anterior a 4.1.0.7 permite a usuarios locales obtener privilegios root para la ejecuci\u00f3n de programas a trav\u00e9s de vectores no especificados."
}
],
"id": "CVE-2015-0197",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": true,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 10.0,
"obtainAllPrivilege": true,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2015-03-24T02:01:39.620",
"references": [
{
"source": "psirt@us.ibm.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=isg3T1022062"
},
{
"source": "psirt@us.ibm.com",
"url": "http://www-304.ibm.com/support/docview.wss?uid=swg21902662"
},
{
"source": "psirt@us.ibm.com",
"url": "http://www.securityfocus.com/bid/73282"
},
{
"source": "psirt@us.ibm.com",
"url": "http://www.securitytracker.com/id/1032880"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=isg3T1022062"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www-304.ibm.com/support/docview.wss?uid=swg21902662"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/73282"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1032880"
}
],
"sourceIdentifier": "psirt@us.ibm.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-264"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2018-06-13 14:29
Modified
2024-11-21 03:59
Severity ?
7.4 (High) - CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
7.8 (High) - CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
7.8 (High) - CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Summary
A vulnerability in GSKit affects IBM Spectrum Scale 4.1.1, 4.2.0, 4.2.1, 4.2.3, and 5.0.0 that could allow a local attacker to obtain control of the Spectrum Scale daemon and to access and modify files in the Spectrum Scale file system, and possibly to obtain administrator privileges on the node. IBM X-Force ID: 139240.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| psirt@us.ibm.com | http://www.ibm.com/support/docview.wss?uid=ssg1S1012049 | Vendor Advisory | |
| psirt@us.ibm.com | http://www.securityfocus.com/bid/105546 | Third Party Advisory, VDB Entry | |
| psirt@us.ibm.com | https://exchange.xforce.ibmcloud.com/vulnerabilities/139240 | VDB Entry, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.ibm.com/support/docview.wss?uid=ssg1S1012049 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/105546 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://exchange.xforce.ibmcloud.com/vulnerabilities/139240 | VDB Entry, Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ibm | general_parallel_file_system | * | |
| ibm | spectrum_scale | * | |
| ibm | spectrum_scale | * | |
| ibm | spectrum_scale | * | |
| ibm | spectrum_scale | * | |
| ibm | spectrum_scale | * | |
| ibm | spectrum_scale | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ibm:general_parallel_file_system:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C32D85DB-9354-491F-8D25-5D142E6C3EAF",
"versionEndIncluding": "4.1.0.8",
"versionStartIncluding": "4.1.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:spectrum_scale:*:*:*:*:*:*:*:*",
"matchCriteriaId": "70A040E8-E448-4C24-A3CE-D9EEB520CF46",
"versionEndIncluding": "4.1.1.19",
"versionStartIncluding": "4.1.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:spectrum_scale:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9D23238D-249E-4DE9-9AD1-561EFB0B8518",
"versionEndIncluding": "4.2.0.4",
"versionStartIncluding": "4.2.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:spectrum_scale:*:*:*:*:*:*:*:*",
"matchCriteriaId": "208F0B90-ABE8-40DA-8344-39C7815B3116",
"versionEndIncluding": "4.2.1.2",
"versionStartIncluding": "4.2.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:spectrum_scale:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4D93CD87-07E5-4020-9383-CFE6219BD243",
"versionEndIncluding": "4.2.2.3",
"versionStartIncluding": "4.2.2.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:spectrum_scale:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DE750276-0258-460A-8689-DCCE6BC56A3C",
"versionEndIncluding": "4.2.3.8",
"versionStartIncluding": "4.2.3.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:spectrum_scale:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3F67A879-9876-4F12-99CC-0F862168F2A7",
"versionEndIncluding": "5.0.0.2",
"versionStartIncluding": "5.0.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in GSKit affects IBM Spectrum Scale 4.1.1, 4.2.0, 4.2.1, 4.2.3, and 5.0.0 that could allow a local attacker to obtain control of the Spectrum Scale daemon and to access and modify files in the Spectrum Scale file system, and possibly to obtain administrator privileges on the node. IBM X-Force ID: 139240."
},
{
"lang": "es",
"value": "Una vulnerabilidad en GSKit afecta a IBM Spectrum Scale 4.1.1, 4.2.0, 4.2.1, 4.2.3 y 5.0.0 y podr\u00eda permitir que un atacante local obtenga el control del demonio Spectrum Scale, acceda y modifique archivos en el sistema de archivos de Spectrum Scale y, posiblemente, obtenga privilegios de administrador en el nodo. IBM X-Force ID: 139240."
}
],
"id": "CVE-2018-1431",
"lastModified": "2024-11-21T03:59:48.453",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.6,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 1.4,
"impactScore": 5.9,
"source": "psirt@us.ibm.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2018-06-13T14:29:00.430",
"references": [
{
"source": "psirt@us.ibm.com",
"tags": [
"Vendor Advisory"
],
"url": "http://www.ibm.com/support/docview.wss?uid=ssg1S1012049"
},
{
"source": "psirt@us.ibm.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/105546"
},
{
"source": "psirt@us.ibm.com",
"tags": [
"VDB Entry",
"Vendor Advisory"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/139240"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.ibm.com/support/docview.wss?uid=ssg1S1012049"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/105546"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"VDB Entry",
"Vendor Advisory"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/139240"
}
],
"sourceIdentifier": "psirt@us.ibm.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2017-02-01 22:59
Modified
2025-04-20 01:37
Severity ?
Summary
IBM General Parallel File System is vulnerable to a buffer overflow. A remote authenticated attacker could overflow a buffer and execute arbitrary code on the system with root privileges or cause the server to crash.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| psirt@us.ibm.com | http://www.ibm.com/support/docview.wss?uid=ssg1S1009639 | Patch, Vendor Advisory | |
| psirt@us.ibm.com | http://www.securityfocus.com/bid/95272 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.ibm.com/support/docview.wss?uid=ssg1S1009639 | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/95272 | Third Party Advisory, VDB Entry |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ibm | general_parallel_file_system | 4.1.0.0 | |
| ibm | general_parallel_file_system | 4.1.0.1 | |
| ibm | general_parallel_file_system | 4.1.0.2 | |
| ibm | general_parallel_file_system | 4.1.0.3 | |
| ibm | general_parallel_file_system | 4.1.0.4 | |
| ibm | general_parallel_file_system | 4.1.0.5 | |
| ibm | general_parallel_file_system | 4.1.0.6 | |
| ibm | general_parallel_file_system | 4.1.0.7 | |
| ibm | general_parallel_file_system | 4.1.0.8 | |
| ibm | spectrum_scale | 4.1.0.0 | |
| ibm | spectrum_scale | 4.1.1.0 | |
| ibm | spectrum_scale | 4.1.1.1 | |
| ibm | spectrum_scale | 4.1.1.2 | |
| ibm | spectrum_scale | 4.1.1.3 | |
| ibm | spectrum_scale | 4.1.1.4 | |
| ibm | spectrum_scale | 4.1.1.5 | |
| ibm | spectrum_scale | 4.1.1.6 | |
| ibm | spectrum_scale | 4.1.1.7 | |
| ibm | spectrum_scale | 4.1.1.8 | |
| ibm | spectrum_scale | 4.1.1.9 | |
| ibm | spectrum_scale | 4.1.1.10 | |
| ibm | spectrum_scale | 4.2.0.0 | |
| ibm | spectrum_scale | 4.2.0.1 | |
| ibm | spectrum_scale | 4.2.0.2 | |
| ibm | spectrum_scale | 4.2.0.3 | |
| ibm | spectrum_scale | 4.2.1 | |
| ibm | spectrum_scale | 4.2.2.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ibm:general_parallel_file_system:4.1.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E78F4327-0160-467E-8C2C-BDEBB4149227",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:general_parallel_file_system:4.1.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "BDD19B4F-5738-4CB1-99FC-F40FDA8388AE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:general_parallel_file_system:4.1.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "B497D629-62AB-4F21-BDF4-02336A19E04C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:general_parallel_file_system:4.1.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "10E68BB2-4132-46F1-B8E9-9FA03FEB92BF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:general_parallel_file_system:4.1.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "E1CBA1A7-02AF-4D59-A6FF-9C52903986EE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:general_parallel_file_system:4.1.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "BEAC1912-1412-45B6-920C-A52510095977",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:general_parallel_file_system:4.1.0.6:*:*:*:*:*:*:*",
"matchCriteriaId": "59A4A5C6-8DF0-4431-BE2C-5C6815371C98",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:general_parallel_file_system:4.1.0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "F90908FF-0E10-4AFD-A38C-4D5E50C05FF3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:general_parallel_file_system:4.1.0.8:*:*:*:*:*:*:*",
"matchCriteriaId": "591E5985-29A1-4C06-8832-DA1587CFE101",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:spectrum_scale:4.1.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "09C3AC64-B03E-4C63-B47D-608795A24321",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:spectrum_scale:4.1.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "2E29D816-7A73-47EA-8DE6-E553CA0D1079",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:spectrum_scale:4.1.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "18C5A85C-F932-44CF-B3EA-691737C96C52",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:spectrum_scale:4.1.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "9385B07C-881D-4A4E-A0F5-FF1BC88F8CFF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:spectrum_scale:4.1.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "27319318-1C09-4CEE-BAE2-6E52C8FD8DCA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:spectrum_scale:4.1.1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "85F22D48-CB9C-434A-AFD7-50E4E980D1DA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:spectrum_scale:4.1.1.5:*:*:*:*:*:*:*",
"matchCriteriaId": "52D0326F-B03A-4476-8E94-BC0D8ADD5321",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:spectrum_scale:4.1.1.6:*:*:*:*:*:*:*",
"matchCriteriaId": "564BDF5A-EAFF-47F5-A670-2019BB508DD5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:spectrum_scale:4.1.1.7:*:*:*:*:*:*:*",
"matchCriteriaId": "5E93E3DC-F8FA-493F-AD79-0DED309F3D9D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:spectrum_scale:4.1.1.8:*:*:*:*:*:*:*",
"matchCriteriaId": "1578B640-B312-4BE8-8036-9DCC7201B04E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:spectrum_scale:4.1.1.9:*:*:*:*:*:*:*",
"matchCriteriaId": "07B77EAE-2C00-4FC9-82F1-42638E7948A2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:spectrum_scale:4.1.1.10:*:*:*:*:*:*:*",
"matchCriteriaId": "B33EDF97-2750-4041-BCA3-77E1235173AF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:spectrum_scale:4.2.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9A55A717-5CA2-4073-80AA-16044EC23B7B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:spectrum_scale:4.2.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "11BAE960-B5C8-4566-8D18-B2754069C933",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:spectrum_scale:4.2.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "D788F7B7-E3F5-495D-BF0D-EB5D6A57D84F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:spectrum_scale:4.2.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "33B349F3-C4A5-4EDA-8579-17AF297E4BA0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:spectrum_scale:4.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "36357865-3811-45EF-98CB-0FA7D2FC0497",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:spectrum_scale:4.2.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "6E32967B-9D22-4120-8C58-FCCC2ECC424F",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "IBM General Parallel File System is vulnerable to a buffer overflow. A remote authenticated attacker could overflow a buffer and execute arbitrary code on the system with root privileges or cause the server to crash."
},
{
"lang": "es",
"value": "IBM General Parallel File System es vulnerable a un desbordamiento de b\u00fafer. Un atacante remoto autenticado podr\u00eda desbordar un b\u00fafer y ejecutar c\u00f3digo arbitrario en el sistema con privilegios de root o provocar que el servidor se caiga."
}
],
"id": "CVE-2016-6115",
"lastModified": "2025-04-20T01:37:25.860",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": true,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "COMPLETE",
"baseScore": 9.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 1.2,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-02-01T22:59:00.697",
"references": [
{
"source": "psirt@us.ibm.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.ibm.com/support/docview.wss?uid=ssg1S1009639"
},
{
"source": "psirt@us.ibm.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/95272"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.ibm.com/support/docview.wss?uid=ssg1S1009639"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/95272"
}
],
"sourceIdentifier": "psirt@us.ibm.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2015-03-24 02:01
Modified
2025-04-12 10:46
Severity ?
Summary
The mmfslinux kernel module in IBM General Parallel File System (GPFS) 3.4 before 3.4.0.32, 3.5 before 3.5.0.24, and 4.1 before 4.1.0.7 allows local users to cause a denial of service (memory corruption) via unspecified character-device ioctl calls.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ibm | general_parallel_file_system | 3.4 | |
| ibm | general_parallel_file_system | 3.5 | |
| ibm | general_parallel_file_system | 4.1 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ibm:general_parallel_file_system:3.4:*:*:*:*:*:*:*",
"matchCriteriaId": "B6C20DD7-88C1-4916-A063-878C95900841",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:general_parallel_file_system:3.5:*:*:*:*:*:*:*",
"matchCriteriaId": "7F13ADEA-CFB7-4302-B7F2-74EF70F08FC9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:general_parallel_file_system:4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "8BE25822-329B-435C-B542-CD108A490FB4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The mmfslinux kernel module in IBM General Parallel File System (GPFS) 3.4 before 3.4.0.32, 3.5 before 3.5.0.24, and 4.1 before 4.1.0.7 allows local users to cause a denial of service (memory corruption) via unspecified character-device ioctl calls."
},
{
"lang": "es",
"value": "El m\u00f3dulo del kernel mmfslinux en IBM General Parallel File System (GPFS) 3.4 anterior a 3.4.0.32, 3.5 anterior a 3.5.0.24, y 4.1 anterior a 4.1.0.7 permite a usuarios locales causar una denegaci\u00f3n de servicio (corrupci\u00f3n de memoria) a trav\u00e9s de llamadas a ioctl \u0027character-device\u0027 no especificadas."
}
],
"id": "CVE-2015-0199",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": true,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 4.9,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 6.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2015-03-24T02:01:41.247",
"references": [
{
"source": "psirt@us.ibm.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=isg3T1022062"
},
{
"source": "psirt@us.ibm.com",
"url": "http://www-304.ibm.com/support/docview.wss?uid=swg21902662"
},
{
"source": "psirt@us.ibm.com",
"url": "http://www.securityfocus.com/bid/73283"
},
{
"source": "psirt@us.ibm.com",
"url": "http://www.securitytracker.com/id/1032880"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=isg3T1022062"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www-304.ibm.com/support/docview.wss?uid=swg21902662"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/73283"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1032880"
}
],
"sourceIdentifier": "psirt@us.ibm.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-399"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2016-11-25 03:59
Modified
2025-04-12 10:46
Severity ?
Summary
IBM Spectrum Scale 4.1.1.x before 4.1.1.8 and 4.2.x before 4.2.0.4 and General Parallel File System (GPFS) 3.5.x before 3.5.0.32 and 4.1.x before 4.1.1.8 allow local users to gain privileges via crafted environment variables to a /usr/lpp/mmfs/bin/ setuid program.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ibm:spectrum_scale:4.1.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "2E29D816-7A73-47EA-8DE6-E553CA0D1079",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:spectrum_scale:4.1.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "18C5A85C-F932-44CF-B3EA-691737C96C52",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:spectrum_scale:4.1.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "9385B07C-881D-4A4E-A0F5-FF1BC88F8CFF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:spectrum_scale:4.1.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "27319318-1C09-4CEE-BAE2-6E52C8FD8DCA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:spectrum_scale:4.1.1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "85F22D48-CB9C-434A-AFD7-50E4E980D1DA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:spectrum_scale:4.1.1.5:*:*:*:*:*:*:*",
"matchCriteriaId": "52D0326F-B03A-4476-8E94-BC0D8ADD5321",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:spectrum_scale:4.1.1.6:*:*:*:*:*:*:*",
"matchCriteriaId": "564BDF5A-EAFF-47F5-A670-2019BB508DD5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:spectrum_scale:4.1.1.7:*:*:*:*:*:*:*",
"matchCriteriaId": "5E93E3DC-F8FA-493F-AD79-0DED309F3D9D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:spectrum_scale:4.1.1.8:*:*:*:*:*:*:*",
"matchCriteriaId": "1578B640-B312-4BE8-8036-9DCC7201B04E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:spectrum_scale:4.2.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9A55A717-5CA2-4073-80AA-16044EC23B7B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:spectrum_scale:4.2.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "11BAE960-B5C8-4566-8D18-B2754069C933",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:spectrum_scale:4.2.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "D788F7B7-E3F5-495D-BF0D-EB5D6A57D84F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:spectrum_scale:4.2.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "33B349F3-C4A5-4EDA-8579-17AF297E4BA0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ibm:general_parallel_file_system:3.5.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "89F44D96-CDE6-405D-ACDB-D1B699F3ED9B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:general_parallel_file_system:3.5.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "FC456A68-AF06-4862-A8FF-DF96A398C25B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:general_parallel_file_system:3.5.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "FC814EC9-DDBE-48AD-996F-4684348A31C6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:general_parallel_file_system:3.5.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "4D08020F-C3F5-4175-B671-73AA12E8F571",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:general_parallel_file_system:3.5.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "370EEC39-3CE4-43AD-AF18-D585D214130A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:general_parallel_file_system:3.5.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "78041991-E33E-4A0F-85A9-07ABC30253F2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:general_parallel_file_system:3.5.0.6:*:*:*:*:*:*:*",
"matchCriteriaId": "DF402081-402A-4277-A83C-729DF038F25D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:general_parallel_file_system:3.5.0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "2F32AE31-9C7C-4FFC-A4FB-9C6D13D02E36",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:general_parallel_file_system:3.5.0.8:*:*:*:*:*:*:*",
"matchCriteriaId": "A3F9A954-7411-4977-8735-9F61CC3F5E4C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:general_parallel_file_system:3.5.0.9:*:*:*:*:*:*:*",
"matchCriteriaId": "E8638C2C-434E-4716-BB4F-F759FFFAD008",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:general_parallel_file_system:3.5.0.10:*:*:*:*:*:*:*",
"matchCriteriaId": "37D91B69-57BC-4011-AD90-531B52C1C23A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:general_parallel_file_system:3.5.0.11:*:*:*:*:*:*:*",
"matchCriteriaId": "3061EBC4-981B-4C1E-B4B6-05CE75AC835C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:general_parallel_file_system:3.5.0.12:*:*:*:*:*:*:*",
"matchCriteriaId": "C3C114FE-1A1A-4048-BEF9-2C8637136FFC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:general_parallel_file_system:3.5.0.13:*:*:*:*:*:*:*",
"matchCriteriaId": "58466B0C-9811-42CB-8062-305143F0EC85",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:general_parallel_file_system:3.5.0.14:*:*:*:*:*:*:*",
"matchCriteriaId": "1C1C55A6-EDA7-4039-BB9F-793C08542B19",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:general_parallel_file_system:3.5.0.15:*:*:*:*:*:*:*",
"matchCriteriaId": "442E3A3A-3056-4D1F-BEBD-253FC48BA39E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:general_parallel_file_system:3.5.0.16:*:*:*:*:*:*:*",
"matchCriteriaId": "3BE5DA93-B2EB-438C-B698-75E5F116C02C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:general_parallel_file_system:3.5.0.17:*:*:*:*:*:*:*",
"matchCriteriaId": "61A5E812-9CBD-4FD1-B4A4-8E889B333B67",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:general_parallel_file_system:3.5.0.18:*:*:*:*:*:*:*",
"matchCriteriaId": "DC2D24BA-6A99-4A15-A7A7-E4EC054E9CDC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:general_parallel_file_system:3.5.0.19:*:*:*:*:*:*:*",
"matchCriteriaId": "75881EF9-571E-409B-ACA6-B74629FF432E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:general_parallel_file_system:3.5.0.20:*:*:*:*:*:*:*",
"matchCriteriaId": "4D9F09E3-A012-43A7-AD86-0E56F4F9810D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:general_parallel_file_system:3.5.0.21:*:*:*:*:*:*:*",
"matchCriteriaId": "7F886B47-11EE-4575-8AB9-AD96AF1D2571",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:general_parallel_file_system:3.5.0.22:*:*:*:*:*:*:*",
"matchCriteriaId": "B3071064-9366-4C0D-8F0C-EB3688A6631A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:general_parallel_file_system:3.5.0.23:*:*:*:*:*:*:*",
"matchCriteriaId": "264DFE33-BCBA-45A9-8225-9807AA3AC30B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:general_parallel_file_system:3.5.0.24:*:*:*:*:*:*:*",
"matchCriteriaId": "171FFBCB-6ECD-4355-9898-0EB76E7ABCA5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:general_parallel_file_system:3.5.0.25:*:*:*:*:*:*:*",
"matchCriteriaId": "10334B9D-7296-426D-9DCE-A12D42842CCD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:general_parallel_file_system:3.5.0.26:*:*:*:*:*:*:*",
"matchCriteriaId": "91CE891C-0901-4AFA-B7FD-3554EAF1B781",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:general_parallel_file_system:3.5.0.27:*:*:*:*:*:*:*",
"matchCriteriaId": "E001E389-CF46-4F25-825C-42D74449AEBF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:general_parallel_file_system:3.5.0.28:*:*:*:*:*:*:*",
"matchCriteriaId": "46BFDF57-1CF3-45FA-9989-E77D96CEE291",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:general_parallel_file_system:3.5.0.29:*:*:*:*:*:*:*",
"matchCriteriaId": "32051A82-BF76-439B-8D8C-B8EE5B6EAEA1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:general_parallel_file_system:3.5.0.30:*:*:*:*:*:*:*",
"matchCriteriaId": "5F15DE88-ED1E-48B7-A5F2-73278987B4B0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:general_parallel_file_system:3.5.0.31:*:*:*:*:*:*:*",
"matchCriteriaId": "AEE29E4D-65DE-4DEF-962D-2ECE5D62A846",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:general_parallel_file_system:4.1.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E78F4327-0160-467E-8C2C-BDEBB4149227",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:general_parallel_file_system:4.1.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "BDD19B4F-5738-4CB1-99FC-F40FDA8388AE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:general_parallel_file_system:4.1.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "B497D629-62AB-4F21-BDF4-02336A19E04C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:general_parallel_file_system:4.1.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "10E68BB2-4132-46F1-B8E9-9FA03FEB92BF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:general_parallel_file_system:4.1.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "E1CBA1A7-02AF-4D59-A6FF-9C52903986EE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:general_parallel_file_system:4.1.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "BEAC1912-1412-45B6-920C-A52510095977",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:general_parallel_file_system:4.1.0.6:*:*:*:*:*:*:*",
"matchCriteriaId": "59A4A5C6-8DF0-4431-BE2C-5C6815371C98",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:general_parallel_file_system:4.1.0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "F90908FF-0E10-4AFD-A38C-4D5E50C05FF3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:general_parallel_file_system:4.1.0.8:*:*:*:*:*:*:*",
"matchCriteriaId": "591E5985-29A1-4C06-8832-DA1587CFE101",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "IBM Spectrum Scale 4.1.1.x before 4.1.1.8 and 4.2.x before 4.2.0.4 and General Parallel File System (GPFS) 3.5.x before 3.5.0.32 and 4.1.x before 4.1.1.8 allow local users to gain privileges via crafted environment variables to a /usr/lpp/mmfs/bin/ setuid program."
},
{
"lang": "es",
"value": "IBM Spectrum Scale 4.1.1.x en versiones anteriores a 4.1.1.8 y 4.2.x en versiones anteriores a 4.2.0.4 y General Parallel File System (GPFS) 3.5.x en versiones anteriores a 3.5.0.32 y 4.1.x en versiones anteriores a 4.1.1.8 permiten a usuarios locales obtener privilegios a trav\u00e9s de variables de entorno manipuladas a un programa setuid /usr/lpp/mmfs/bin/."
}
],
"id": "CVE-2016-2985",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 6.9,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:L/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 3.4,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.0,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 1.0,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2016-11-25T03:59:03.203",
"references": [
{
"source": "psirt@us.ibm.com",
"tags": [
"Vendor Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1007994"
},
{
"source": "psirt@us.ibm.com",
"url": "http://www.securityfocus.com/bid/92408"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1007994"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/92408"
}
],
"sourceIdentifier": "psirt@us.ibm.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-264"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2016-01-02 21:59
Modified
2025-04-12 10:46
Severity ?
Summary
IBM Spectrum Scale 4.1.1.x before 4.1.1.3 and General Parallel File System (GPFS) 3.5.x before 3.5.0.29 and 4.1.x through 4.1.0.8 on AIX allow local users to cause a denial of service (incorrect pointer dereference and node crash) via unspecified vectors.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ibm | general_parallel_file_system | 3.5 | |
| ibm | spectrum_scale | 4.1.1.0 | |
| ibm | spectrum_scale | 4.1.1.1 | |
| ibm | spectrum_scale | 4.1.1.2 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ibm:general_parallel_file_system:3.5:*:*:*:*:*:*:*",
"matchCriteriaId": "7F13ADEA-CFB7-4302-B7F2-74EF70F08FC9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:spectrum_scale:4.1.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "2E29D816-7A73-47EA-8DE6-E553CA0D1079",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:spectrum_scale:4.1.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "18C5A85C-F932-44CF-B3EA-691737C96C52",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:spectrum_scale:4.1.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "9385B07C-881D-4A4E-A0F5-FF1BC88F8CFF",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "IBM Spectrum Scale 4.1.1.x before 4.1.1.3 and General Parallel File System (GPFS) 3.5.x before 3.5.0.29 and 4.1.x through 4.1.0.8 on AIX allow local users to cause a denial of service (incorrect pointer dereference and node crash) via unspecified vectors."
},
{
"lang": "es",
"value": "IBM Spectrum Scale 4.1.1.x en versiones anteriores a 4.1.1.3 y General Parallel File System (GPFS) 3.5.x en versiones anteriores a 3.5.0.29 y 4.1.x hasta la versi\u00f3n 4.1.0.8 en AIX permite a usuarios locales provocar una denegaci\u00f3n de servicio (referencia a puntero incorrecta y ca\u00edda de nodo) a trav\u00e9s de vectores no especificados."
}
],
"id": "CVE-2015-7403",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": true,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 2.1,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary"
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "LOW",
"baseScore": 4.0,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"exploitabilityScore": 2.5,
"impactScore": 1.4,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2016-01-02T21:59:04.453",
"references": [
{
"source": "psirt@us.ibm.com",
"tags": [
"Vendor Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1005452"
},
{
"source": "psirt@us.ibm.com",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21972152"
},
{
"source": "psirt@us.ibm.com",
"url": "http://www.securityfocus.com/bid/79805"
},
{
"source": "psirt@us.ibm.com",
"url": "http://www.securitytracker.com/id/1035094"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1005452"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21972152"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/79805"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1035094"
}
],
"sourceIdentifier": "psirt@us.ibm.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2016-11-25 03:59
Modified
2025-04-12 10:46
Severity ?
Summary
IBM Spectrum Scale 4.1.1.x before 4.1.1.8 and 4.2.x before 4.2.0.4 and General Parallel File System (GPFS) 3.5.x before 3.5.0.32 and 4.1.x before 4.1.1.8 allow local users to gain privileges via crafted command-line parameters to a /usr/lpp/mmfs/bin/ setuid program.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ibm:spectrum_scale:4.1.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "2E29D816-7A73-47EA-8DE6-E553CA0D1079",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:spectrum_scale:4.1.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "18C5A85C-F932-44CF-B3EA-691737C96C52",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:spectrum_scale:4.1.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "9385B07C-881D-4A4E-A0F5-FF1BC88F8CFF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:spectrum_scale:4.1.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "27319318-1C09-4CEE-BAE2-6E52C8FD8DCA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:spectrum_scale:4.1.1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "85F22D48-CB9C-434A-AFD7-50E4E980D1DA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:spectrum_scale:4.1.1.5:*:*:*:*:*:*:*",
"matchCriteriaId": "52D0326F-B03A-4476-8E94-BC0D8ADD5321",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:spectrum_scale:4.1.1.6:*:*:*:*:*:*:*",
"matchCriteriaId": "564BDF5A-EAFF-47F5-A670-2019BB508DD5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:spectrum_scale:4.1.1.7:*:*:*:*:*:*:*",
"matchCriteriaId": "5E93E3DC-F8FA-493F-AD79-0DED309F3D9D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:spectrum_scale:4.1.1.8:*:*:*:*:*:*:*",
"matchCriteriaId": "1578B640-B312-4BE8-8036-9DCC7201B04E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:spectrum_scale:4.2.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9A55A717-5CA2-4073-80AA-16044EC23B7B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:spectrum_scale:4.2.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "11BAE960-B5C8-4566-8D18-B2754069C933",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:spectrum_scale:4.2.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "D788F7B7-E3F5-495D-BF0D-EB5D6A57D84F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:spectrum_scale:4.2.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "33B349F3-C4A5-4EDA-8579-17AF297E4BA0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ibm:general_parallel_file_system:3.5.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "89F44D96-CDE6-405D-ACDB-D1B699F3ED9B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:general_parallel_file_system:3.5.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "FC456A68-AF06-4862-A8FF-DF96A398C25B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:general_parallel_file_system:3.5.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "FC814EC9-DDBE-48AD-996F-4684348A31C6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:general_parallel_file_system:3.5.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "4D08020F-C3F5-4175-B671-73AA12E8F571",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:general_parallel_file_system:3.5.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "370EEC39-3CE4-43AD-AF18-D585D214130A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:general_parallel_file_system:3.5.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "78041991-E33E-4A0F-85A9-07ABC30253F2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:general_parallel_file_system:3.5.0.6:*:*:*:*:*:*:*",
"matchCriteriaId": "DF402081-402A-4277-A83C-729DF038F25D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:general_parallel_file_system:3.5.0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "2F32AE31-9C7C-4FFC-A4FB-9C6D13D02E36",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:general_parallel_file_system:3.5.0.8:*:*:*:*:*:*:*",
"matchCriteriaId": "A3F9A954-7411-4977-8735-9F61CC3F5E4C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:general_parallel_file_system:3.5.0.9:*:*:*:*:*:*:*",
"matchCriteriaId": "E8638C2C-434E-4716-BB4F-F759FFFAD008",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:general_parallel_file_system:3.5.0.10:*:*:*:*:*:*:*",
"matchCriteriaId": "37D91B69-57BC-4011-AD90-531B52C1C23A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:general_parallel_file_system:3.5.0.11:*:*:*:*:*:*:*",
"matchCriteriaId": "3061EBC4-981B-4C1E-B4B6-05CE75AC835C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:general_parallel_file_system:3.5.0.12:*:*:*:*:*:*:*",
"matchCriteriaId": "C3C114FE-1A1A-4048-BEF9-2C8637136FFC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:general_parallel_file_system:3.5.0.13:*:*:*:*:*:*:*",
"matchCriteriaId": "58466B0C-9811-42CB-8062-305143F0EC85",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:general_parallel_file_system:3.5.0.14:*:*:*:*:*:*:*",
"matchCriteriaId": "1C1C55A6-EDA7-4039-BB9F-793C08542B19",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:general_parallel_file_system:3.5.0.15:*:*:*:*:*:*:*",
"matchCriteriaId": "442E3A3A-3056-4D1F-BEBD-253FC48BA39E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:general_parallel_file_system:3.5.0.16:*:*:*:*:*:*:*",
"matchCriteriaId": "3BE5DA93-B2EB-438C-B698-75E5F116C02C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:general_parallel_file_system:3.5.0.17:*:*:*:*:*:*:*",
"matchCriteriaId": "61A5E812-9CBD-4FD1-B4A4-8E889B333B67",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:general_parallel_file_system:3.5.0.18:*:*:*:*:*:*:*",
"matchCriteriaId": "DC2D24BA-6A99-4A15-A7A7-E4EC054E9CDC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:general_parallel_file_system:3.5.0.19:*:*:*:*:*:*:*",
"matchCriteriaId": "75881EF9-571E-409B-ACA6-B74629FF432E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:general_parallel_file_system:3.5.0.20:*:*:*:*:*:*:*",
"matchCriteriaId": "4D9F09E3-A012-43A7-AD86-0E56F4F9810D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:general_parallel_file_system:3.5.0.21:*:*:*:*:*:*:*",
"matchCriteriaId": "7F886B47-11EE-4575-8AB9-AD96AF1D2571",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:general_parallel_file_system:3.5.0.22:*:*:*:*:*:*:*",
"matchCriteriaId": "B3071064-9366-4C0D-8F0C-EB3688A6631A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:general_parallel_file_system:3.5.0.23:*:*:*:*:*:*:*",
"matchCriteriaId": "264DFE33-BCBA-45A9-8225-9807AA3AC30B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:general_parallel_file_system:3.5.0.24:*:*:*:*:*:*:*",
"matchCriteriaId": "171FFBCB-6ECD-4355-9898-0EB76E7ABCA5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:general_parallel_file_system:3.5.0.25:*:*:*:*:*:*:*",
"matchCriteriaId": "10334B9D-7296-426D-9DCE-A12D42842CCD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:general_parallel_file_system:3.5.0.26:*:*:*:*:*:*:*",
"matchCriteriaId": "91CE891C-0901-4AFA-B7FD-3554EAF1B781",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:general_parallel_file_system:3.5.0.27:*:*:*:*:*:*:*",
"matchCriteriaId": "E001E389-CF46-4F25-825C-42D74449AEBF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:general_parallel_file_system:3.5.0.28:*:*:*:*:*:*:*",
"matchCriteriaId": "46BFDF57-1CF3-45FA-9989-E77D96CEE291",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:general_parallel_file_system:3.5.0.29:*:*:*:*:*:*:*",
"matchCriteriaId": "32051A82-BF76-439B-8D8C-B8EE5B6EAEA1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:general_parallel_file_system:3.5.0.30:*:*:*:*:*:*:*",
"matchCriteriaId": "5F15DE88-ED1E-48B7-A5F2-73278987B4B0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:general_parallel_file_system:3.5.0.31:*:*:*:*:*:*:*",
"matchCriteriaId": "AEE29E4D-65DE-4DEF-962D-2ECE5D62A846",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:general_parallel_file_system:4.1.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E78F4327-0160-467E-8C2C-BDEBB4149227",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:general_parallel_file_system:4.1.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "BDD19B4F-5738-4CB1-99FC-F40FDA8388AE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:general_parallel_file_system:4.1.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "B497D629-62AB-4F21-BDF4-02336A19E04C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:general_parallel_file_system:4.1.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "10E68BB2-4132-46F1-B8E9-9FA03FEB92BF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:general_parallel_file_system:4.1.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "E1CBA1A7-02AF-4D59-A6FF-9C52903986EE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:general_parallel_file_system:4.1.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "BEAC1912-1412-45B6-920C-A52510095977",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:general_parallel_file_system:4.1.0.6:*:*:*:*:*:*:*",
"matchCriteriaId": "59A4A5C6-8DF0-4431-BE2C-5C6815371C98",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:general_parallel_file_system:4.1.0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "F90908FF-0E10-4AFD-A38C-4D5E50C05FF3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:general_parallel_file_system:4.1.0.8:*:*:*:*:*:*:*",
"matchCriteriaId": "591E5985-29A1-4C06-8832-DA1587CFE101",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "IBM Spectrum Scale 4.1.1.x before 4.1.1.8 and 4.2.x before 4.2.0.4 and General Parallel File System (GPFS) 3.5.x before 3.5.0.32 and 4.1.x before 4.1.1.8 allow local users to gain privileges via crafted command-line parameters to a /usr/lpp/mmfs/bin/ setuid program."
},
{
"lang": "es",
"value": "IBM Spectrum Scale 4.1.1.x en versiones anteriores a 4.1.1.8 y 4.2.x en versiones anteriores a 4.2.0.4 y General Parallel File System (GPFS) 3.5.x en versiones anteriores a 3.5.0.32 y 4.1.x en versiones anteriores a 4.1.1.8 permiten a usuarios locales obtener privilegios a trav\u00e9s de par\u00e1metros de l\u00ednea de comando manipulados a un programa setuid /usr/lpp/mmfs/bin/."
}
],
"id": "CVE-2016-2984",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 6.9,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:L/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 3.4,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.0,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 1.0,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2016-11-25T03:59:01.670",
"references": [
{
"source": "psirt@us.ibm.com",
"tags": [
"Vendor Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1007994"
},
{
"source": "psirt@us.ibm.com",
"url": "http://www.securityfocus.com/bid/92410"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1007994"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/92410"
}
],
"sourceIdentifier": "psirt@us.ibm.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-264"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2015-10-26 02:59
Modified
2025-04-12 10:46
Severity ?
Summary
IBM General Parallel File System (GPFS) 3.5.x before 3.5.0.27 and 4.1.x before 4.1.1.2 and Spectrum Scale 4.1.1.x before 4.1.1.2 allow local users to obtain root privileges for command execution via unspecified vectors.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ibm:general_parallel_file_system:3.5:*:*:*:*:*:*:*",
"matchCriteriaId": "7F13ADEA-CFB7-4302-B7F2-74EF70F08FC9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:general_parallel_file_system:3.5.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "89F44D96-CDE6-405D-ACDB-D1B699F3ED9B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:general_parallel_file_system:3.5.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "FC814EC9-DDBE-48AD-996F-4684348A31C6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:general_parallel_file_system:3.5.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "4D08020F-C3F5-4175-B671-73AA12E8F571",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:general_parallel_file_system:3.5.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "370EEC39-3CE4-43AD-AF18-D585D214130A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:general_parallel_file_system:3.5.0.6:*:*:*:*:*:*:*",
"matchCriteriaId": "DF402081-402A-4277-A83C-729DF038F25D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:general_parallel_file_system:3.5.0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "2F32AE31-9C7C-4FFC-A4FB-9C6D13D02E36",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:general_parallel_file_system:3.5.0.8:*:*:*:*:*:*:*",
"matchCriteriaId": "A3F9A954-7411-4977-8735-9F61CC3F5E4C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:general_parallel_file_system:3.5.0.9:*:*:*:*:*:*:*",
"matchCriteriaId": "E8638C2C-434E-4716-BB4F-F759FFFAD008",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:general_parallel_file_system:3.5.0.10:*:*:*:*:*:*:*",
"matchCriteriaId": "37D91B69-57BC-4011-AD90-531B52C1C23A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:general_parallel_file_system:3.5.0.11:*:*:*:*:*:*:*",
"matchCriteriaId": "3061EBC4-981B-4C1E-B4B6-05CE75AC835C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:general_parallel_file_system:3.5.0.12:*:*:*:*:*:*:*",
"matchCriteriaId": "C3C114FE-1A1A-4048-BEF9-2C8637136FFC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:general_parallel_file_system:3.5.0.13:*:*:*:*:*:*:*",
"matchCriteriaId": "58466B0C-9811-42CB-8062-305143F0EC85",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:general_parallel_file_system:3.5.0.14:*:*:*:*:*:*:*",
"matchCriteriaId": "1C1C55A6-EDA7-4039-BB9F-793C08542B19",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:general_parallel_file_system:3.5.0.15:*:*:*:*:*:*:*",
"matchCriteriaId": "442E3A3A-3056-4D1F-BEBD-253FC48BA39E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:general_parallel_file_system:3.5.0.16:*:*:*:*:*:*:*",
"matchCriteriaId": "3BE5DA93-B2EB-438C-B698-75E5F116C02C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:general_parallel_file_system:3.5.0.17:*:*:*:*:*:*:*",
"matchCriteriaId": "61A5E812-9CBD-4FD1-B4A4-8E889B333B67",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:general_parallel_file_system:3.5.0.18:*:*:*:*:*:*:*",
"matchCriteriaId": "DC2D24BA-6A99-4A15-A7A7-E4EC054E9CDC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:general_parallel_file_system:3.5.0.19:*:*:*:*:*:*:*",
"matchCriteriaId": "75881EF9-571E-409B-ACA6-B74629FF432E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:general_parallel_file_system:3.5.0.20:*:*:*:*:*:*:*",
"matchCriteriaId": "4D9F09E3-A012-43A7-AD86-0E56F4F9810D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:general_parallel_file_system:3.5.0.21:*:*:*:*:*:*:*",
"matchCriteriaId": "7F886B47-11EE-4575-8AB9-AD96AF1D2571",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:general_parallel_file_system:3.5.0.22:*:*:*:*:*:*:*",
"matchCriteriaId": "B3071064-9366-4C0D-8F0C-EB3688A6631A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:general_parallel_file_system:3.5.0.23:*:*:*:*:*:*:*",
"matchCriteriaId": "264DFE33-BCBA-45A9-8225-9807AA3AC30B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:general_parallel_file_system:3.5.0.24:*:*:*:*:*:*:*",
"matchCriteriaId": "171FFBCB-6ECD-4355-9898-0EB76E7ABCA5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:general_parallel_file_system:3.5.0.25:*:*:*:*:*:*:*",
"matchCriteriaId": "10334B9D-7296-426D-9DCE-A12D42842CCD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:general_parallel_file_system:3.5.0.26:*:*:*:*:*:*:*",
"matchCriteriaId": "91CE891C-0901-4AFA-B7FD-3554EAF1B781",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:spectrum_scale:4.1.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "2E29D816-7A73-47EA-8DE6-E553CA0D1079",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:spectrum_scale:4.1.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "18C5A85C-F932-44CF-B3EA-691737C96C52",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "IBM General Parallel File System (GPFS) 3.5.x before 3.5.0.27 and 4.1.x before 4.1.1.2 and Spectrum Scale 4.1.1.x before 4.1.1.2 allow local users to obtain root privileges for command execution via unspecified vectors."
},
{
"lang": "es",
"value": "IBM General Parallel File System (GPFS) 3.5.x en versiones anteriores a 3.5.0.27 y 4.1.x en versiones anteriores a 4.1.1.2 y Spectrum Scale 4.1.1.x en versiones anteriores a 4.1.1.2 permite a usuarios locales obtener privilegios de root para ejecuci\u00f3n de comandos a trav\u00e9s de vectores no especificados."
}
],
"id": "CVE-2015-4974",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": true,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2015-10-26T02:59:00.107",
"references": [
{
"source": "psirt@us.ibm.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1005366"
},
{
"source": "psirt@us.ibm.com",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21972152"
},
{
"source": "psirt@us.ibm.com",
"url": "http://www.securityfocus.com/bid/77025"
},
{
"source": "psirt@us.ibm.com",
"url": "http://www.securitytracker.com/id/1035094"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1005366"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21972152"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/77025"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1035094"
}
],
"sourceIdentifier": "psirt@us.ibm.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-77"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2015-10-26 02:59
Modified
2025-04-12 10:46
Severity ?
Summary
IBM General Parallel File System (GPFS) 3.5.x before 3.5.0.27 and 4.1.x before 4.1.1.2 and Spectrum Scale 4.1.1.x before 4.1.1.2 allow local users to obtain sensitive information from system memory via unspecified vectors.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ibm:general_parallel_file_system:3.5:*:*:*:*:*:*:*",
"matchCriteriaId": "7F13ADEA-CFB7-4302-B7F2-74EF70F08FC9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:general_parallel_file_system:3.5.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "89F44D96-CDE6-405D-ACDB-D1B699F3ED9B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:general_parallel_file_system:3.5.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "FC814EC9-DDBE-48AD-996F-4684348A31C6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:general_parallel_file_system:3.5.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "4D08020F-C3F5-4175-B671-73AA12E8F571",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:general_parallel_file_system:3.5.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "370EEC39-3CE4-43AD-AF18-D585D214130A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:general_parallel_file_system:3.5.0.6:*:*:*:*:*:*:*",
"matchCriteriaId": "DF402081-402A-4277-A83C-729DF038F25D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:general_parallel_file_system:3.5.0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "2F32AE31-9C7C-4FFC-A4FB-9C6D13D02E36",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:general_parallel_file_system:3.5.0.8:*:*:*:*:*:*:*",
"matchCriteriaId": "A3F9A954-7411-4977-8735-9F61CC3F5E4C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:general_parallel_file_system:3.5.0.9:*:*:*:*:*:*:*",
"matchCriteriaId": "E8638C2C-434E-4716-BB4F-F759FFFAD008",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:general_parallel_file_system:3.5.0.10:*:*:*:*:*:*:*",
"matchCriteriaId": "37D91B69-57BC-4011-AD90-531B52C1C23A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:general_parallel_file_system:3.5.0.11:*:*:*:*:*:*:*",
"matchCriteriaId": "3061EBC4-981B-4C1E-B4B6-05CE75AC835C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:general_parallel_file_system:3.5.0.12:*:*:*:*:*:*:*",
"matchCriteriaId": "C3C114FE-1A1A-4048-BEF9-2C8637136FFC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:general_parallel_file_system:3.5.0.13:*:*:*:*:*:*:*",
"matchCriteriaId": "58466B0C-9811-42CB-8062-305143F0EC85",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:general_parallel_file_system:3.5.0.14:*:*:*:*:*:*:*",
"matchCriteriaId": "1C1C55A6-EDA7-4039-BB9F-793C08542B19",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:general_parallel_file_system:3.5.0.15:*:*:*:*:*:*:*",
"matchCriteriaId": "442E3A3A-3056-4D1F-BEBD-253FC48BA39E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:general_parallel_file_system:3.5.0.16:*:*:*:*:*:*:*",
"matchCriteriaId": "3BE5DA93-B2EB-438C-B698-75E5F116C02C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:general_parallel_file_system:3.5.0.17:*:*:*:*:*:*:*",
"matchCriteriaId": "61A5E812-9CBD-4FD1-B4A4-8E889B333B67",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:general_parallel_file_system:3.5.0.18:*:*:*:*:*:*:*",
"matchCriteriaId": "DC2D24BA-6A99-4A15-A7A7-E4EC054E9CDC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:general_parallel_file_system:3.5.0.19:*:*:*:*:*:*:*",
"matchCriteriaId": "75881EF9-571E-409B-ACA6-B74629FF432E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:general_parallel_file_system:3.5.0.20:*:*:*:*:*:*:*",
"matchCriteriaId": "4D9F09E3-A012-43A7-AD86-0E56F4F9810D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:general_parallel_file_system:3.5.0.21:*:*:*:*:*:*:*",
"matchCriteriaId": "7F886B47-11EE-4575-8AB9-AD96AF1D2571",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:general_parallel_file_system:3.5.0.22:*:*:*:*:*:*:*",
"matchCriteriaId": "B3071064-9366-4C0D-8F0C-EB3688A6631A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:general_parallel_file_system:3.5.0.23:*:*:*:*:*:*:*",
"matchCriteriaId": "264DFE33-BCBA-45A9-8225-9807AA3AC30B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:general_parallel_file_system:3.5.0.24:*:*:*:*:*:*:*",
"matchCriteriaId": "171FFBCB-6ECD-4355-9898-0EB76E7ABCA5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:general_parallel_file_system:3.5.0.25:*:*:*:*:*:*:*",
"matchCriteriaId": "10334B9D-7296-426D-9DCE-A12D42842CCD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:general_parallel_file_system:3.5.0.26:*:*:*:*:*:*:*",
"matchCriteriaId": "91CE891C-0901-4AFA-B7FD-3554EAF1B781",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:spectrum_scale:4.1.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "2E29D816-7A73-47EA-8DE6-E553CA0D1079",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:spectrum_scale:4.1.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "18C5A85C-F932-44CF-B3EA-691737C96C52",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "IBM General Parallel File System (GPFS) 3.5.x before 3.5.0.27 and 4.1.x before 4.1.1.2 and Spectrum Scale 4.1.1.x before 4.1.1.2 allow local users to obtain sensitive information from system memory via unspecified vectors."
},
{
"lang": "es",
"value": "IBM General Parallel File System (GPFS) 3.5.x en versiones anteriores a 3.5.0.27 y 4.1.x en versiones anteriores a 4.1.1.2 y Spectrum Scale 4.1.1.x en versiones anteriores a 4.1.1.2 permite a usuarios locales obtener informaci\u00f3n sensible desde la memoria del sistema a trav\u00e9s de vectores no especificados."
}
],
"id": "CVE-2015-4981",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": true,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 2.1,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2015-10-26T02:59:01.607",
"references": [
{
"source": "psirt@us.ibm.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1005366"
},
{
"source": "psirt@us.ibm.com",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21972152"
},
{
"source": "psirt@us.ibm.com",
"url": "http://www.securityfocus.com/bid/77027"
},
{
"source": "psirt@us.ibm.com",
"url": "http://www.securitytracker.com/id/1035094"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1005366"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21972152"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/77027"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1035094"
}
],
"sourceIdentifier": "psirt@us.ibm.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-200"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2016-08-08 01:59
Modified
2025-04-12 10:46
Severity ?
Summary
IBM General Parallel File System (GPFS) 3.5 before 3.5.0.29 efix 6 and 4.1.1 before 4.1.1.4 efix 9, when the Spectrum Scale GUI is used with DB2 on Linux, UNIX and Windows, allows remote authenticated users to obtain sensitive information via unspecified vectors, as demonstrated by discovering ADMIN passwords.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ibm | general_parallel_file_system | 3.5 | |
| ibm | general_parallel_file_system | 3.5.0.3 | |
| ibm | general_parallel_file_system | 3.5.0.7 | |
| ibm | general_parallel_file_system | 3.5.0.9 | |
| ibm | general_parallel_file_system | 3.5.0.11 | |
| ibm | general_parallel_file_system | 3.5.0.16 | |
| ibm | general_parallel_file_system | 4.1.0.1 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ibm:general_parallel_file_system:3.5:*:*:*:*:*:*:*",
"matchCriteriaId": "7F13ADEA-CFB7-4302-B7F2-74EF70F08FC9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:general_parallel_file_system:3.5.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "4D08020F-C3F5-4175-B671-73AA12E8F571",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:general_parallel_file_system:3.5.0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "2F32AE31-9C7C-4FFC-A4FB-9C6D13D02E36",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:general_parallel_file_system:3.5.0.9:*:*:*:*:*:*:*",
"matchCriteriaId": "E8638C2C-434E-4716-BB4F-F759FFFAD008",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:general_parallel_file_system:3.5.0.11:*:*:*:*:*:*:*",
"matchCriteriaId": "3061EBC4-981B-4C1E-B4B6-05CE75AC835C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:general_parallel_file_system:3.5.0.16:*:*:*:*:*:*:*",
"matchCriteriaId": "3BE5DA93-B2EB-438C-B698-75E5F116C02C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:general_parallel_file_system:4.1.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "BDD19B4F-5738-4CB1-99FC-F40FDA8388AE",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "IBM General Parallel File System (GPFS) 3.5 before 3.5.0.29 efix 6 and 4.1.1 before 4.1.1.4 efix 9, when the Spectrum Scale GUI is used with DB2 on Linux, UNIX and Windows, allows remote authenticated users to obtain sensitive information via unspecified vectors, as demonstrated by discovering ADMIN passwords."
},
{
"lang": "es",
"value": "IBM General Parallel File System (GPFS) 3.5 en versiones anteriores a 3.5.0.29 efix 6 y 4.1.1 en versiones anteriores a 4.1.1.4 efix 9, cuando se utiliza Spectrum Scale GUI con DB2 en Linux, UNIX y Windows, permite a usuarios remotos autenticados obtener informaci\u00f3n sensible a trav\u00e9s de vectores no especificados, como se demuestra descubriendo contrase\u00f1as ADMIN."
}
],
"id": "CVE-2016-0361",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": true,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "NONE",
"baseScore": 4.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:S/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2016-08-08T01:59:03.837",
"references": [
{
"source": "psirt@us.ibm.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21986595"
},
{
"source": "psirt@us.ibm.com",
"url": "http://www.securityfocus.com/bid/90550"
},
{
"source": "psirt@us.ibm.com",
"url": "http://www.securitytracker.com/id/1036455"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21986595"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/90550"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1036455"
}
],
"sourceIdentifier": "psirt@us.ibm.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2015-03-24 02:01
Modified
2025-04-12 10:46
Severity ?
Summary
IBM General Parallel File System (GPFS) 3.4 before 3.4.0.32, 3.5 before 3.5.0.24, and 4.1 before 4.1.0.7 in certain cipherList configurations allows remote attackers to bypass authentication and execute arbitrary programs as root via unspecified vectors.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ibm | general_parallel_file_system | 3.4 | |
| ibm | general_parallel_file_system | 3.5 | |
| ibm | general_parallel_file_system | 4.1 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ibm:general_parallel_file_system:3.4:*:*:*:*:*:*:*",
"matchCriteriaId": "B6C20DD7-88C1-4916-A063-878C95900841",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:general_parallel_file_system:3.5:*:*:*:*:*:*:*",
"matchCriteriaId": "7F13ADEA-CFB7-4302-B7F2-74EF70F08FC9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:general_parallel_file_system:4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "8BE25822-329B-435C-B542-CD108A490FB4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "IBM General Parallel File System (GPFS) 3.4 before 3.4.0.32, 3.5 before 3.5.0.24, and 4.1 before 4.1.0.7 in certain cipherList configurations allows remote attackers to bypass authentication and execute arbitrary programs as root via unspecified vectors."
},
{
"lang": "es",
"value": "IBM General Parallel File System (GPFS) 3.4 anterior a 3.4.0.32, 3.5 anterior a 3.5.0.24, y 4.1 anterior a 4.1.0.7 en ciertas configuraciones cipherList permite a atacantes remotos evadir la autenticaci\u00f3n y ejecutar programas arbitrarios como root a trav\u00e9s de vectores no especificados."
}
],
"id": "CVE-2015-0198",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": true,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": true,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2015-03-24T02:01:40.463",
"references": [
{
"source": "psirt@us.ibm.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=isg3T1022062"
},
{
"source": "psirt@us.ibm.com",
"url": "http://www-304.ibm.com/support/docview.wss?uid=swg21902662"
},
{
"source": "psirt@us.ibm.com",
"url": "http://www.securityfocus.com/bid/73278"
},
{
"source": "psirt@us.ibm.com",
"url": "http://www.securitytracker.com/id/1032880"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=isg3T1022062"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www-304.ibm.com/support/docview.wss?uid=swg21902662"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/73278"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1032880"
}
],
"sourceIdentifier": "psirt@us.ibm.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-287"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2015-04-06 00:59
Modified
2025-04-12 10:46
Severity ?
Summary
/usr/lpp/mmfs/bin/gpfs.snap in IBM General Parallel File System (GPFS) 4.1 before 4.1.0.7 produces an archive potentially containing cleartext keys, and lacks a warning about reviewing this archive to detect included keys, which might allow remote attackers to obtain sensitive information by leveraging access to a technical-support data stream.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| psirt@us.ibm.com | http://www.ibm.com/support/docview.wss?uid=isg3T1022077 | Patch, Vendor Advisory | |
| psirt@us.ibm.com | http://www.securityfocus.com/bid/73918 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.ibm.com/support/docview.wss?uid=isg3T1022077 | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/73918 | Third Party Advisory, VDB Entry |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ibm | general_parallel_file_system | 4.1 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ibm:general_parallel_file_system:4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "8BE25822-329B-435C-B542-CD108A490FB4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "/usr/lpp/mmfs/bin/gpfs.snap in IBM General Parallel File System (GPFS) 4.1 before 4.1.0.7 produces an archive potentially containing cleartext keys, and lacks a warning about reviewing this archive to detect included keys, which might allow remote attackers to obtain sensitive information by leveraging access to a technical-support data stream."
},
{
"lang": "es",
"value": "/usr/lpp/mmfs/bin/gpfs.snap en IBM General Parallel File System (GPFS) 4.1 anterior a 4.1.0.7 produce un archivo que potencialmente contiene claves en texto claro, y le falta un aviso sobre la revisi\u00f3n de este archivo para detectar las claves incluidas, lo que podr\u00eda permitir a atacantes remotos obtener informaci\u00f3n sensible mediante el aprovechamiento del acceso a una cadena de datos del soporte t\u00e9cnico."
}
],
"id": "CVE-2015-1890",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "NONE",
"baseScore": 3.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:S/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 6.8,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2015-04-06T00:59:05.300",
"references": [
{
"source": "psirt@us.ibm.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.ibm.com/support/docview.wss?uid=isg3T1022077"
},
{
"source": "psirt@us.ibm.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/73918"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.ibm.com/support/docview.wss?uid=isg3T1022077"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/73918"
}
],
"sourceIdentifier": "psirt@us.ibm.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-200"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
CVE-2016-2985 (GCVE-0-2016-2985)
Vulnerability from cvelistv5
Published
2016-11-25 03:38
Modified
2024-08-05 23:40
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
IBM Spectrum Scale 4.1.1.x before 4.1.1.8 and 4.2.x before 4.2.0.4 and General Parallel File System (GPFS) 3.5.x before 3.5.0.32 and 4.1.x before 4.1.1.8 allow local users to gain privileges via crafted environment variables to a /usr/lpp/mmfs/bin/ setuid program.
References
| ► | URL | Tags | ||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T23:40:14.380Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "92408",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/92408"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1007994"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-08-04T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "IBM Spectrum Scale 4.1.1.x before 4.1.1.8 and 4.2.x before 4.2.0.4 and General Parallel File System (GPFS) 3.5.x before 3.5.0.32 and 4.1.x before 4.1.1.8 allow local users to gain privileges via crafted environment variables to a /usr/lpp/mmfs/bin/ setuid program."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2016-11-25T19:57:01",
"orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"shortName": "ibm"
},
"references": [
{
"name": "92408",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/92408"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1007994"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@us.ibm.com",
"ID": "CVE-2016-2985",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "IBM Spectrum Scale 4.1.1.x before 4.1.1.8 and 4.2.x before 4.2.0.4 and General Parallel File System (GPFS) 3.5.x before 3.5.0.32 and 4.1.x before 4.1.1.8 allow local users to gain privileges via crafted environment variables to a /usr/lpp/mmfs/bin/ setuid program."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "92408",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/92408"
},
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1007994",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1007994"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"assignerShortName": "ibm",
"cveId": "CVE-2016-2985",
"datePublished": "2016-11-25T03:38:00",
"dateReserved": "2016-03-09T00:00:00",
"dateUpdated": "2024-08-05T23:40:14.380Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2015-1890 (GCVE-0-2015-1890)
Vulnerability from cvelistv5
Published
2015-04-06 00:00
Modified
2024-08-06 04:54
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
/usr/lpp/mmfs/bin/gpfs.snap in IBM General Parallel File System (GPFS) 4.1 before 4.1.0.7 produces an archive potentially containing cleartext keys, and lacks a warning about reviewing this archive to detect included keys, which might allow remote attackers to obtain sensitive information by leveraging access to a technical-support data stream.
References
| ► | URL | Tags | ||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T04:54:16.511Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "73918",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/73918"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.ibm.com/support/docview.wss?uid=isg3T1022077"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2015-03-30T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "/usr/lpp/mmfs/bin/gpfs.snap in IBM General Parallel File System (GPFS) 4.1 before 4.1.0.7 produces an archive potentially containing cleartext keys, and lacks a warning about reviewing this archive to detect included keys, which might allow remote attackers to obtain sensitive information by leveraging access to a technical-support data stream."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2016-07-22T16:57:01",
"orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"shortName": "ibm"
},
"references": [
{
"name": "73918",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/73918"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.ibm.com/support/docview.wss?uid=isg3T1022077"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@us.ibm.com",
"ID": "CVE-2015-1890",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "/usr/lpp/mmfs/bin/gpfs.snap in IBM General Parallel File System (GPFS) 4.1 before 4.1.0.7 produces an archive potentially containing cleartext keys, and lacks a warning about reviewing this archive to detect included keys, which might allow remote attackers to obtain sensitive information by leveraging access to a technical-support data stream."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "73918",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/73918"
},
{
"name": "http://www.ibm.com/support/docview.wss?uid=isg3T1022077",
"refsource": "CONFIRM",
"url": "http://www.ibm.com/support/docview.wss?uid=isg3T1022077"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"assignerShortName": "ibm",
"cveId": "CVE-2015-1890",
"datePublished": "2015-04-06T00:00:00",
"dateReserved": "2015-02-19T00:00:00",
"dateUpdated": "2024-08-06T04:54:16.511Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2015-0199 (GCVE-0-2015-0199)
Vulnerability from cvelistv5
Published
2015-03-24 01:00
Modified
2024-08-06 04:03
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
The mmfslinux kernel module in IBM General Parallel File System (GPFS) 3.4 before 3.4.0.32, 3.5 before 3.5.0.24, and 4.1 before 4.1.0.7 allows local users to cause a denial of service (memory corruption) via unspecified character-device ioctl calls.
References
| ► | URL | Tags | ||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T04:03:10.038Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1032880",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1032880"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=isg3T1022062"
},
{
"name": "73283",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/73283"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www-304.ibm.com/support/docview.wss?uid=swg21902662"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2015-03-18T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The mmfslinux kernel module in IBM General Parallel File System (GPFS) 3.4 before 3.4.0.32, 3.5 before 3.5.0.24, and 4.1 before 4.1.0.7 allows local users to cause a denial of service (memory corruption) via unspecified character-device ioctl calls."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2016-12-29T18:57:01",
"orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"shortName": "ibm"
},
"references": [
{
"name": "1032880",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1032880"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=isg3T1022062"
},
{
"name": "73283",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/73283"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www-304.ibm.com/support/docview.wss?uid=swg21902662"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@us.ibm.com",
"ID": "CVE-2015-0199",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The mmfslinux kernel module in IBM General Parallel File System (GPFS) 3.4 before 3.4.0.32, 3.5 before 3.5.0.24, and 4.1 before 4.1.0.7 allows local users to cause a denial of service (memory corruption) via unspecified character-device ioctl calls."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1032880",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1032880"
},
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=isg3T1022062",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=isg3T1022062"
},
{
"name": "73283",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/73283"
},
{
"name": "http://www-304.ibm.com/support/docview.wss?uid=swg21902662",
"refsource": "CONFIRM",
"url": "http://www-304.ibm.com/support/docview.wss?uid=swg21902662"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"assignerShortName": "ibm",
"cveId": "CVE-2015-0199",
"datePublished": "2015-03-24T01:00:00",
"dateReserved": "2014-11-18T00:00:00",
"dateUpdated": "2024-08-06T04:03:10.038Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-1654 (GCVE-0-2017-1654)
Vulnerability from cvelistv5
Published
2018-03-02 17:00
Modified
2024-09-16 18:54
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Obtain Information
Summary
IBM Spectrum Scale 4.1.1 and 4.2.0 - 4.2.3 could allow a local unprivileged user access to information located in dump files. User data could be sent to IBM during service engagements. IBM X-Force ID: 133378.
References
| ► | URL | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| IBM | Spectrum Scale |
Version: 4.1.1 Version: 4.2.0 Version: 4.2.1 Version: 4.2.2 Version: 4.2.3 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T13:39:31.875Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/133378"
},
{
"name": "1040747",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1040747"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.ibm.com/support/docview.wss?uid=ssg1S1010869"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Spectrum Scale",
"vendor": "IBM",
"versions": [
{
"status": "affected",
"version": "4.1.1"
},
{
"status": "affected",
"version": "4.2.0"
},
{
"status": "affected",
"version": "4.2.1"
},
{
"status": "affected",
"version": "4.2.2"
},
{
"status": "affected",
"version": "4.2.3"
}
]
}
],
"datePublic": "2018-02-26T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "IBM Spectrum Scale 4.1.1 and 4.2.0 - 4.2.3 could allow a local unprivileged user access to information located in dump files. User data could be sent to IBM during service engagements. IBM X-Force ID: 133378."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/A:N/AC:L/AV:L/C:L/I:N/PR:N/S:U/UI:N",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Obtain Information",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-04-25T09:57:01",
"orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"shortName": "ibm"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/133378"
},
{
"name": "1040747",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1040747"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.ibm.com/support/docview.wss?uid=ssg1S1010869"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@us.ibm.com",
"DATE_PUBLIC": "2018-02-26T00:00:00",
"ID": "CVE-2017-1654",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Spectrum Scale",
"version": {
"version_data": [
{
"version_value": "4.1.1"
},
{
"version_value": "4.2.0"
},
{
"version_value": "4.2.1"
},
{
"version_value": "4.2.2"
},
{
"version_value": "4.2.3"
}
]
}
}
]
},
"vendor_name": "IBM"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "IBM Spectrum Scale 4.1.1 and 4.2.0 - 4.2.3 could allow a local unprivileged user access to information located in dump files. User data could be sent to IBM during service engagements. IBM X-Force ID: 133378."
}
]
},
"impact": {
"cvssv3": {
"BM": {
"A": "N",
"AC": "L",
"AV": "L",
"C": "L",
"I": "N",
"PR": "N",
"S": "U",
"UI": "N"
}
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Obtain Information"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/133378",
"refsource": "MISC",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/133378"
},
{
"name": "1040747",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1040747"
},
{
"name": "http://www.ibm.com/support/docview.wss?uid=ssg1S1010869",
"refsource": "CONFIRM",
"url": "http://www.ibm.com/support/docview.wss?uid=ssg1S1010869"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"assignerShortName": "ibm",
"cveId": "CVE-2017-1654",
"datePublished": "2018-03-02T17:00:00Z",
"dateReserved": "2016-11-30T00:00:00",
"dateUpdated": "2024-09-16T18:54:11.439Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2018-1431 (GCVE-0-2018-1431)
Vulnerability from cvelistv5
Published
2018-06-13 14:00
Modified
2024-09-17 00:26
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Gain Privileges
Summary
A vulnerability in GSKit affects IBM Spectrum Scale 4.1.1, 4.2.0, 4.2.1, 4.2.3, and 5.0.0 that could allow a local attacker to obtain control of the Spectrum Scale daemon and to access and modify files in the Spectrum Scale file system, and possibly to obtain administrator privileges on the node. IBM X-Force ID: 139240.
References
| ► | URL | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| IBM | Spectrum Scale |
Version: 4.1.1 Version: 4.2.0 Version: 4.2.1 Version: 4.2.2 Version: 4.2.3 Version: 5.0.0 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T03:59:39.022Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "ibm-spectrum-cve20181431-priv-escalation(139240)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/139240"
},
{
"name": "105546",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/105546"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.ibm.com/support/docview.wss?uid=ssg1S1012049"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Spectrum Scale",
"vendor": "IBM",
"versions": [
{
"status": "affected",
"version": "4.1.1"
},
{
"status": "affected",
"version": "4.2.0"
},
{
"status": "affected",
"version": "4.2.1"
},
{
"status": "affected",
"version": "4.2.2"
},
{
"status": "affected",
"version": "4.2.3"
},
{
"status": "affected",
"version": "5.0.0"
}
]
}
],
"datePublic": "2018-06-11T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in GSKit affects IBM Spectrum Scale 4.1.1, 4.2.0, 4.2.1, 4.2.3, and 5.0.0 that could allow a local attacker to obtain control of the Spectrum Scale daemon and to access and modify files in the Spectrum Scale file system, and possibly to obtain administrator privileges on the node. IBM X-Force ID: 139240."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitCodeMaturity": "UNPROVEN",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"remediationLevel": "OFFICIAL_FIX",
"reportConfidence": "CONFIRMED",
"scope": "UNCHANGED",
"temporalScore": 6.4,
"temporalSeverity": "MEDIUM",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/A:H/AC:H/AV:L/C:H/I:H/PR:N/S:U/UI:N/E:U/RC:C/RL:O",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Gain Privileges",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-12T09:57:01",
"orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"shortName": "ibm"
},
"references": [
{
"name": "ibm-spectrum-cve20181431-priv-escalation(139240)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/139240"
},
{
"name": "105546",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/105546"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.ibm.com/support/docview.wss?uid=ssg1S1012049"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@us.ibm.com",
"DATE_PUBLIC": "2018-06-11T00:00:00",
"ID": "CVE-2018-1431",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Spectrum Scale",
"version": {
"version_data": [
{
"version_value": "4.1.1"
},
{
"version_value": "4.2.0"
},
{
"version_value": "4.2.1"
},
{
"version_value": "4.2.2"
},
{
"version_value": "4.2.3"
},
{
"version_value": "5.0.0"
}
]
}
}
]
},
"vendor_name": "IBM"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability in GSKit affects IBM Spectrum Scale 4.1.1, 4.2.0, 4.2.1, 4.2.3, and 5.0.0 that could allow a local attacker to obtain control of the Spectrum Scale daemon and to access and modify files in the Spectrum Scale file system, and possibly to obtain administrator privileges on the node. IBM X-Force ID: 139240."
}
]
},
"impact": {
"cvssv3": {
"BM": {
"A": "H",
"AC": "H",
"AV": "L",
"C": "H",
"I": "H",
"PR": "N",
"S": "U",
"UI": "N"
},
"TM": {
"E": "U",
"RC": "C",
"RL": "O"
}
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Gain Privileges"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "ibm-spectrum-cve20181431-priv-escalation(139240)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/139240"
},
{
"name": "105546",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/105546"
},
{
"name": "http://www.ibm.com/support/docview.wss?uid=ssg1S1012049",
"refsource": "CONFIRM",
"url": "http://www.ibm.com/support/docview.wss?uid=ssg1S1012049"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"assignerShortName": "ibm",
"cveId": "CVE-2018-1431",
"datePublished": "2018-06-13T14:00:00Z",
"dateReserved": "2017-12-13T00:00:00",
"dateUpdated": "2024-09-17T00:26:35.956Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2014-0834 (GCVE-0-2014-0834)
Vulnerability from cvelistv5
Published
2014-02-04 02:00
Modified
2024-08-06 09:27
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
IBM General Parallel File System (GPFS) 3.4 through 3.4.0.27 and 3.5 through 3.5.0.16 allows attackers to cause a denial of service (daemon crash) via crafted arguments to a setuid program.
References
| ► | URL | Tags | ||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T09:27:20.249Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=isg3T1020542"
},
{
"name": "65297",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/65297"
},
{
"name": "ibm-gpfs-cve20140834-dos(90647)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/90647"
},
{
"name": "IV52863",
"tags": [
"vendor-advisory",
"x_refsource_AIXAPAR",
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IV52863"
},
{
"name": "102765",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/102765"
},
{
"name": "IV54381",
"tags": [
"vendor-advisory",
"x_refsource_AIXAPAR",
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IV54381"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2014-01-31T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "IBM General Parallel File System (GPFS) 3.4 through 3.4.0.27 and 3.5 through 3.5.0.16 allows attackers to cause a denial of service (daemon crash) via crafted arguments to a setuid program."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-28T12:57:01",
"orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"shortName": "ibm"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=isg3T1020542"
},
{
"name": "65297",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/65297"
},
{
"name": "ibm-gpfs-cve20140834-dos(90647)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/90647"
},
{
"name": "IV52863",
"tags": [
"vendor-advisory",
"x_refsource_AIXAPAR"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IV52863"
},
{
"name": "102765",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/102765"
},
{
"name": "IV54381",
"tags": [
"vendor-advisory",
"x_refsource_AIXAPAR"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IV54381"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@us.ibm.com",
"ID": "CVE-2014-0834",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "IBM General Parallel File System (GPFS) 3.4 through 3.4.0.27 and 3.5 through 3.5.0.16 allows attackers to cause a denial of service (daemon crash) via crafted arguments to a setuid program."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=isg3T1020542",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=isg3T1020542"
},
{
"name": "65297",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/65297"
},
{
"name": "ibm-gpfs-cve20140834-dos(90647)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/90647"
},
{
"name": "IV52863",
"refsource": "AIXAPAR",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IV52863"
},
{
"name": "102765",
"refsource": "OSVDB",
"url": "http://osvdb.org/102765"
},
{
"name": "IV54381",
"refsource": "AIXAPAR",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IV54381"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"assignerShortName": "ibm",
"cveId": "CVE-2014-0834",
"datePublished": "2014-02-04T02:00:00",
"dateReserved": "2014-01-06T00:00:00",
"dateUpdated": "2024-08-06T09:27:20.249Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-2984 (GCVE-0-2016-2984)
Vulnerability from cvelistv5
Published
2016-11-25 03:38
Modified
2024-08-05 23:40
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
IBM Spectrum Scale 4.1.1.x before 4.1.1.8 and 4.2.x before 4.2.0.4 and General Parallel File System (GPFS) 3.5.x before 3.5.0.32 and 4.1.x before 4.1.1.8 allow local users to gain privileges via crafted command-line parameters to a /usr/lpp/mmfs/bin/ setuid program.
References
| ► | URL | Tags | ||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T23:40:14.325Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "92410",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/92410"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1007994"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-08-04T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "IBM Spectrum Scale 4.1.1.x before 4.1.1.8 and 4.2.x before 4.2.0.4 and General Parallel File System (GPFS) 3.5.x before 3.5.0.32 and 4.1.x before 4.1.1.8 allow local users to gain privileges via crafted command-line parameters to a /usr/lpp/mmfs/bin/ setuid program."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2016-11-25T19:57:01",
"orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"shortName": "ibm"
},
"references": [
{
"name": "92410",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/92410"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1007994"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@us.ibm.com",
"ID": "CVE-2016-2984",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "IBM Spectrum Scale 4.1.1.x before 4.1.1.8 and 4.2.x before 4.2.0.4 and General Parallel File System (GPFS) 3.5.x before 3.5.0.32 and 4.1.x before 4.1.1.8 allow local users to gain privileges via crafted command-line parameters to a /usr/lpp/mmfs/bin/ setuid program."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "92410",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/92410"
},
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1007994",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1007994"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"assignerShortName": "ibm",
"cveId": "CVE-2016-2984",
"datePublished": "2016-11-25T03:38:00",
"dateReserved": "2016-03-09T00:00:00",
"dateUpdated": "2024-08-05T23:40:14.325Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-6115 (GCVE-0-2016-6115)
Vulnerability from cvelistv5
Published
2017-02-01 22:00
Modified
2024-08-06 01:22
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Gain Privileges
Summary
IBM General Parallel File System is vulnerable to a buffer overflow. A remote authenticated attacker could overflow a buffer and execute arbitrary code on the system with root privileges or cause the server to crash.
References
| ► | URL | Tags | ||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| IBM Corporation | Spectrum Scale |
Version: 4.1.1 Version: 4.2.0 Version: 4.2.1 Version: 4.2.2 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T01:22:20.618Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "95272",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/95272"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.ibm.com/support/docview.wss?uid=ssg1S1009639"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Spectrum Scale",
"vendor": "IBM Corporation",
"versions": [
{
"status": "affected",
"version": "4.1.1"
},
{
"status": "affected",
"version": "4.2.0"
},
{
"status": "affected",
"version": "4.2.1"
},
{
"status": "affected",
"version": "4.2.2"
}
]
}
],
"datePublic": "2017-01-03T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "IBM General Parallel File System is vulnerable to a buffer overflow. A remote authenticated attacker could overflow a buffer and execute arbitrary code on the system with root privileges or cause the server to crash."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Gain Privileges",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-02-02T10:57:01",
"orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"shortName": "ibm"
},
"references": [
{
"name": "95272",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/95272"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.ibm.com/support/docview.wss?uid=ssg1S1009639"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@us.ibm.com",
"ID": "CVE-2016-6115",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Spectrum Scale",
"version": {
"version_data": [
{
"version_value": "4.1.1"
},
{
"version_value": "4.2.0"
},
{
"version_value": "4.2.1"
},
{
"version_value": "4.2.2"
}
]
}
}
]
},
"vendor_name": "IBM Corporation"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "IBM General Parallel File System is vulnerable to a buffer overflow. A remote authenticated attacker could overflow a buffer and execute arbitrary code on the system with root privileges or cause the server to crash."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Gain Privileges"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "95272",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/95272"
},
{
"name": "http://www.ibm.com/support/docview.wss?uid=ssg1S1009639",
"refsource": "CONFIRM",
"url": "http://www.ibm.com/support/docview.wss?uid=ssg1S1009639"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"assignerShortName": "ibm",
"cveId": "CVE-2016-6115",
"datePublished": "2017-02-01T22:00:00",
"dateReserved": "2016-06-29T00:00:00",
"dateUpdated": "2024-08-06T01:22:20.618Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2015-0197 (GCVE-0-2015-0197)
Vulnerability from cvelistv5
Published
2015-03-24 01:00
Modified
2024-08-06 04:03
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
IBM General Parallel File System (GPFS) 3.4 before 3.4.0.32, 3.5 before 3.5.0.24, and 4.1 before 4.1.0.7 allows local users to obtain root privileges for program execution via unspecified vectors.
References
| ► | URL | Tags | ||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T04:03:10.041Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1032880",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1032880"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=isg3T1022062"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www-304.ibm.com/support/docview.wss?uid=swg21902662"
},
{
"name": "73282",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/73282"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2015-03-18T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "IBM General Parallel File System (GPFS) 3.4 before 3.4.0.32, 3.5 before 3.5.0.24, and 4.1 before 4.1.0.7 allows local users to obtain root privileges for program execution via unspecified vectors."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2016-12-29T18:57:01",
"orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"shortName": "ibm"
},
"references": [
{
"name": "1032880",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1032880"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=isg3T1022062"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www-304.ibm.com/support/docview.wss?uid=swg21902662"
},
{
"name": "73282",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/73282"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@us.ibm.com",
"ID": "CVE-2015-0197",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "IBM General Parallel File System (GPFS) 3.4 before 3.4.0.32, 3.5 before 3.5.0.24, and 4.1 before 4.1.0.7 allows local users to obtain root privileges for program execution via unspecified vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1032880",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1032880"
},
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=isg3T1022062",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=isg3T1022062"
},
{
"name": "http://www-304.ibm.com/support/docview.wss?uid=swg21902662",
"refsource": "CONFIRM",
"url": "http://www-304.ibm.com/support/docview.wss?uid=swg21902662"
},
{
"name": "73282",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/73282"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"assignerShortName": "ibm",
"cveId": "CVE-2015-0197",
"datePublished": "2015-03-24T01:00:00",
"dateReserved": "2014-11-18T00:00:00",
"dateUpdated": "2024-08-06T04:03:10.041Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2015-7403 (GCVE-0-2015-7403)
Vulnerability from cvelistv5
Published
2016-01-02 21:00
Modified
2024-08-06 07:51
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
IBM Spectrum Scale 4.1.1.x before 4.1.1.3 and General Parallel File System (GPFS) 3.5.x before 3.5.0.29 and 4.1.x through 4.1.0.8 on AIX allow local users to cause a denial of service (incorrect pointer dereference and node crash) via unspecified vectors.
References
| ► | URL | Tags | ||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T07:51:27.302Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1005452"
},
{
"name": "1035094",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1035094"
},
{
"name": "79805",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/79805"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21972152"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2015-12-04T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "IBM Spectrum Scale 4.1.1.x before 4.1.1.3 and General Parallel File System (GPFS) 3.5.x before 3.5.0.29 and 4.1.x through 4.1.0.8 on AIX allow local users to cause a denial of service (incorrect pointer dereference and node crash) via unspecified vectors."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-11T09:57:01",
"orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"shortName": "ibm"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1005452"
},
{
"name": "1035094",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1035094"
},
{
"name": "79805",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/79805"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21972152"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@us.ibm.com",
"ID": "CVE-2015-7403",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "IBM Spectrum Scale 4.1.1.x before 4.1.1.3 and General Parallel File System (GPFS) 3.5.x before 3.5.0.29 and 4.1.x through 4.1.0.8 on AIX allow local users to cause a denial of service (incorrect pointer dereference and node crash) via unspecified vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1005452",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1005452"
},
{
"name": "1035094",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1035094"
},
{
"name": "79805",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/79805"
},
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21972152",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21972152"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"assignerShortName": "ibm",
"cveId": "CVE-2015-7403",
"datePublished": "2016-01-02T21:00:00",
"dateReserved": "2015-09-29T00:00:00",
"dateUpdated": "2024-08-06T07:51:27.302Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-0361 (GCVE-0-2016-0361)
Vulnerability from cvelistv5
Published
2016-08-08 01:00
Modified
2024-08-05 22:15
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
IBM General Parallel File System (GPFS) 3.5 before 3.5.0.29 efix 6 and 4.1.1 before 4.1.1.4 efix 9, when the Spectrum Scale GUI is used with DB2 on Linux, UNIX and Windows, allows remote authenticated users to obtain sensitive information via unspecified vectors, as demonstrated by discovering ADMIN passwords.
References
| ► | URL | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T22:15:24.213Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1036455",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1036455"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21986595"
},
{
"name": "90550",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/90550"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-08-01T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "IBM General Parallel File System (GPFS) 3.5 before 3.5.0.29 efix 6 and 4.1.1 before 4.1.1.4 efix 9, when the Spectrum Scale GUI is used with DB2 on Linux, UNIX and Windows, allows remote authenticated users to obtain sensitive information via unspecified vectors, as demonstrated by discovering ADMIN passwords."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-31T09:57:01",
"orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"shortName": "ibm"
},
"references": [
{
"name": "1036455",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1036455"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21986595"
},
{
"name": "90550",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/90550"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@us.ibm.com",
"ID": "CVE-2016-0361",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "IBM General Parallel File System (GPFS) 3.5 before 3.5.0.29 efix 6 and 4.1.1 before 4.1.1.4 efix 9, when the Spectrum Scale GUI is used with DB2 on Linux, UNIX and Windows, allows remote authenticated users to obtain sensitive information via unspecified vectors, as demonstrated by discovering ADMIN passwords."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1036455",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1036455"
},
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21986595",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21986595"
},
{
"name": "90550",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/90550"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"assignerShortName": "ibm",
"cveId": "CVE-2016-0361",
"datePublished": "2016-08-08T01:00:00",
"dateReserved": "2015-12-08T00:00:00",
"dateUpdated": "2024-08-05T22:15:24.213Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2015-4981 (GCVE-0-2015-4981)
Vulnerability from cvelistv5
Published
2015-10-26 01:00
Modified
2024-08-06 06:32
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
IBM General Parallel File System (GPFS) 3.5.x before 3.5.0.27 and 4.1.x before 4.1.1.2 and Spectrum Scale 4.1.1.x before 4.1.1.2 allow local users to obtain sensitive information from system memory via unspecified vectors.
References
| ► | URL | Tags | ||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T06:32:31.539Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1005366"
},
{
"name": "77027",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/77027"
},
{
"name": "1035094",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1035094"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21972152"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2015-09-17T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "IBM General Parallel File System (GPFS) 3.5.x before 3.5.0.27 and 4.1.x before 4.1.1.2 and Spectrum Scale 4.1.1.x before 4.1.1.2 allow local users to obtain sensitive information from system memory via unspecified vectors."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2016-12-02T20:57:01",
"orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"shortName": "ibm"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1005366"
},
{
"name": "77027",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/77027"
},
{
"name": "1035094",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1035094"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21972152"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@us.ibm.com",
"ID": "CVE-2015-4981",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "IBM General Parallel File System (GPFS) 3.5.x before 3.5.0.27 and 4.1.x before 4.1.1.2 and Spectrum Scale 4.1.1.x before 4.1.1.2 allow local users to obtain sensitive information from system memory via unspecified vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1005366",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1005366"
},
{
"name": "77027",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/77027"
},
{
"name": "1035094",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1035094"
},
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21972152",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21972152"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"assignerShortName": "ibm",
"cveId": "CVE-2015-4981",
"datePublished": "2015-10-26T01:00:00",
"dateReserved": "2015-06-24T00:00:00",
"dateUpdated": "2024-08-06T06:32:31.539Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2015-0198 (GCVE-0-2015-0198)
Vulnerability from cvelistv5
Published
2015-03-24 01:00
Modified
2024-08-06 04:03
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
IBM General Parallel File System (GPFS) 3.4 before 3.4.0.32, 3.5 before 3.5.0.24, and 4.1 before 4.1.0.7 in certain cipherList configurations allows remote attackers to bypass authentication and execute arbitrary programs as root via unspecified vectors.
References
| ► | URL | Tags | ||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T04:03:10.432Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "73278",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/73278"
},
{
"name": "1032880",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1032880"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=isg3T1022062"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www-304.ibm.com/support/docview.wss?uid=swg21902662"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2015-03-18T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "IBM General Parallel File System (GPFS) 3.4 before 3.4.0.32, 3.5 before 3.5.0.24, and 4.1 before 4.1.0.7 in certain cipherList configurations allows remote attackers to bypass authentication and execute arbitrary programs as root via unspecified vectors."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2016-12-29T18:57:01",
"orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"shortName": "ibm"
},
"references": [
{
"name": "73278",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/73278"
},
{
"name": "1032880",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1032880"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=isg3T1022062"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www-304.ibm.com/support/docview.wss?uid=swg21902662"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@us.ibm.com",
"ID": "CVE-2015-0198",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "IBM General Parallel File System (GPFS) 3.4 before 3.4.0.32, 3.5 before 3.5.0.24, and 4.1 before 4.1.0.7 in certain cipherList configurations allows remote attackers to bypass authentication and execute arbitrary programs as root via unspecified vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "73278",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/73278"
},
{
"name": "1032880",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1032880"
},
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=isg3T1022062",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=isg3T1022062"
},
{
"name": "http://www-304.ibm.com/support/docview.wss?uid=swg21902662",
"refsource": "CONFIRM",
"url": "http://www-304.ibm.com/support/docview.wss?uid=swg21902662"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"assignerShortName": "ibm",
"cveId": "CVE-2015-0198",
"datePublished": "2015-03-24T01:00:00",
"dateReserved": "2014-11-18T00:00:00",
"dateUpdated": "2024-08-06T04:03:10.432Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2015-4974 (GCVE-0-2015-4974)
Vulnerability from cvelistv5
Published
2015-10-26 01:00
Modified
2024-08-06 06:32
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
IBM General Parallel File System (GPFS) 3.5.x before 3.5.0.27 and 4.1.x before 4.1.1.2 and Spectrum Scale 4.1.1.x before 4.1.1.2 allow local users to obtain root privileges for command execution via unspecified vectors.
References
| ► | URL | Tags | ||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T06:32:31.880Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1005366"
},
{
"name": "1035094",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1035094"
},
{
"name": "77025",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/77025"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21972152"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2015-09-17T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "IBM General Parallel File System (GPFS) 3.5.x before 3.5.0.27 and 4.1.x before 4.1.1.2 and Spectrum Scale 4.1.1.x before 4.1.1.2 allow local users to obtain root privileges for command execution via unspecified vectors."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2016-12-02T20:57:01",
"orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"shortName": "ibm"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1005366"
},
{
"name": "1035094",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1035094"
},
{
"name": "77025",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/77025"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21972152"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@us.ibm.com",
"ID": "CVE-2015-4974",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "IBM General Parallel File System (GPFS) 3.5.x before 3.5.0.27 and 4.1.x before 4.1.1.2 and Spectrum Scale 4.1.1.x before 4.1.1.2 allow local users to obtain root privileges for command execution via unspecified vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1005366",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1005366"
},
{
"name": "1035094",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1035094"
},
{
"name": "77025",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/77025"
},
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21972152",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21972152"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"assignerShortName": "ibm",
"cveId": "CVE-2015-4974",
"datePublished": "2015-10-26T01:00:00",
"dateReserved": "2015-06-24T00:00:00",
"dateUpdated": "2024-08-06T06:32:31.880Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}