Vulnerability-Lookup - Search a vulnerability

CVE-2016-0263 (GCVE-0-2016-0263)

Vulnerability from cvelistv5

Published

2016-06-29 01:00

Modified

2024-08-05 22:15

Severity ?

CWE

n/a

Summary

IBM Spectrum Scale 4.1 before 4.1.1.5 and 4.2 before 4.2.0.2 and General Parallel File System 3.5 before 3.5.0.30 allow local users to gain privileges or cause a denial of service via a crafted mmapplypolicy command.

References

►

URL

	Vendor	Product	Version
	n/a	n/a	Version: n/a

CVE-2016-0392 (GCVE-0-2016-0392)

Vulnerability from cvelistv5

Published

2016-06-19 20:00

Modified

2024-08-05 22:15

Severity ?

CWE

n/a

Summary

IBM General Parallel File System (GPFS) in GPFS Storage Server 2.0.0 through 2.0.7 and Elastic Storage Server 2.5.x through 2.5.5, 3.x before 3.5.5, and 4.x before 4.0.3, as distributed in Spectrum Scale RAID, allows local users to gain privileges via a crafted parameter to a setuid program.

References

►

URL

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Vulnerability from fkie_nvd

Published

2016-06-29 01:59

Modified

2025-04-12 10:46

Severity ?

7.0 (High) - CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

Summary

IBM Spectrum Scale 4.1 before 4.1.1.5 and 4.2 before 4.2.0.2 and General Parallel File System 3.5 before 3.5.0.30 allow local users to gain privileges or cause a denial of service via a crafted mmapplypolicy command.

References

URL	Tags
psirt@us.ibm.com	http://www-01.ibm.com/support/docview.wss?uid=ssg1S1005708	Vendor Advisory
psirt@us.ibm.com	http://www.securityfocus.com/bid/90525
psirt@us.ibm.com	http://www.securitytracker.com/id/1036458
af854a3a-2127-422b-91ae-364da2661108	http://www-01.ibm.com/support/docview.wss?uid=ssg1S1005708	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/90525
af854a3a-2127-422b-91ae-364da2661108	http://www.securitytracker.com/id/1036458

Impacted products

Vendor	Product	Version
ibm	general_parallel_file_system_storage_server	3.5.0.1
ibm	general_parallel_file_system_storage_server	3.5.0.2
ibm	general_parallel_file_system_storage_server	3.5.0.3
ibm	general_parallel_file_system_storage_server	3.5.0.4
ibm	general_parallel_file_system_storage_server	3.5.0.5
ibm	general_parallel_file_system_storage_server	3.5.0.6
ibm	general_parallel_file_system_storage_server	3.5.0.7
ibm	general_parallel_file_system_storage_server	3.5.0.8
ibm	general_parallel_file_system_storage_server	3.5.0.9
ibm	general_parallel_file_system_storage_server	3.5.0.10
ibm	general_parallel_file_system_storage_server	3.5.0.11
ibm	general_parallel_file_system_storage_server	3.5.0.12
ibm	general_parallel_file_system_storage_server	3.5.0.13
ibm	general_parallel_file_system_storage_server	3.5.0.14
ibm	general_parallel_file_system_storage_server	3.5.0.15
ibm	general_parallel_file_system_storage_server	3.5.0.16
ibm	general_parallel_file_system_storage_server	3.5.0.17
ibm	general_parallel_file_system_storage_server	3.5.0.18
ibm	general_parallel_file_system_storage_server	3.5.0.19
ibm	general_parallel_file_system_storage_server	3.5.0.20
ibm	general_parallel_file_system_storage_server	3.5.0.21
ibm	general_parallel_file_system_storage_server	3.5.0.22
ibm	general_parallel_file_system_storage_server	3.5.0.23
ibm	general_parallel_file_system_storage_server	3.5.0.24
ibm	general_parallel_file_system_storage_server	3.5.0.25
ibm	general_parallel_file_system_storage_server	3.5.0.26
ibm	general_parallel_file_system_storage_server	3.5.0.27
ibm	general_parallel_file_system_storage_server	3.5.0.28
ibm	general_parallel_file_system_storage_server	3.5.0.29
ibm	spectrum_scale	4.1.1.1
ibm	spectrum_scale	4.1.1.2
ibm	spectrum_scale	4.1.1.3
ibm	spectrum_scale	4.1.1.4
ibm	spectrum_scale	4.2.0.0
ibm	spectrum_scale	4.2.0.1

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:ibm:general_parallel_file_system_storage_server:3.5.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "3412A6B4-21C3-4567-BDA4-FF3EA66ABB0D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:general_parallel_file_system_storage_server:3.5.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "5D40637D-79CA-4CD3-8A0F-8573EFD51836",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:general_parallel_file_system_storage_server:3.5.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "09352FA1-1E53-4DAA-8273-C39E9EC5C2C4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:general_parallel_file_system_storage_server:3.5.0.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "5C4C9F45-D5B9-477D-AC62-82586AE160FC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:general_parallel_file_system_storage_server:3.5.0.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "A78ED9BF-05B8-4F07-8D48-EBE8005A64ED",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:general_parallel_file_system_storage_server:3.5.0.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "77DD7E7D-4989-4645-8787-6B0FC8EBA71F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:general_parallel_file_system_storage_server:3.5.0.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "0D123D10-A15F-40A2-9BF1-53269259CD73",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:general_parallel_file_system_storage_server:3.5.0.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "97697CA1-8158-4A3E-B9AA-2F61B527C620",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:general_parallel_file_system_storage_server:3.5.0.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "43DCAC50-7374-47A4-AA3B-AA53C3256CA4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:general_parallel_file_system_storage_server:3.5.0.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "3D0812E2-C758-45B2-ADCD-2D30195FCD4E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:general_parallel_file_system_storage_server:3.5.0.11:*:*:*:*:*:*:*",
              "matchCriteriaId": "8819B3D7-E048-4CFD-A036-FF81DE14CA9E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:general_parallel_file_system_storage_server:3.5.0.12:*:*:*:*:*:*:*",
              "matchCriteriaId": "61D20642-5AAB-47FE-A2BF-E820644C47B7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:general_parallel_file_system_storage_server:3.5.0.13:*:*:*:*:*:*:*",
              "matchCriteriaId": "48D1B5ED-5EFD-486D-A3C4-267516D3A782",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:general_parallel_file_system_storage_server:3.5.0.14:*:*:*:*:*:*:*",
              "matchCriteriaId": "9F0D3631-DB5F-4412-A5C4-ABDFFC7C2C99",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:general_parallel_file_system_storage_server:3.5.0.15:*:*:*:*:*:*:*",
              "matchCriteriaId": "02D54259-9F5B-4D41-9B54-B11578C4E933",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:general_parallel_file_system_storage_server:3.5.0.16:*:*:*:*:*:*:*",
              "matchCriteriaId": "92483FDC-8268-4675-B5D5-C9FF7C30A2B1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:general_parallel_file_system_storage_server:3.5.0.17:*:*:*:*:*:*:*",
              "matchCriteriaId": "EE142AE0-00FF-4DD5-946C-681369771602",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:general_parallel_file_system_storage_server:3.5.0.18:*:*:*:*:*:*:*",
              "matchCriteriaId": "764BE5C4-95AE-4CD4-8D45-E77007D6F1A1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:general_parallel_file_system_storage_server:3.5.0.19:*:*:*:*:*:*:*",
              "matchCriteriaId": "EEB0D90D-DAA1-4A04-B6EF-6ED0F232F2FA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:general_parallel_file_system_storage_server:3.5.0.20:*:*:*:*:*:*:*",
              "matchCriteriaId": "ED096F25-D7F9-469D-A991-49B5A0DA8AC6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:general_parallel_file_system_storage_server:3.5.0.21:*:*:*:*:*:*:*",
              "matchCriteriaId": "92502495-7607-4E4F-A111-43D0CB2AFD92",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:general_parallel_file_system_storage_server:3.5.0.22:*:*:*:*:*:*:*",
              "matchCriteriaId": "79BD219A-FF2D-47F1-84BF-60DCE5AB11BA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:general_parallel_file_system_storage_server:3.5.0.23:*:*:*:*:*:*:*",
              "matchCriteriaId": "3D3B9C0C-C25E-4DBC-AD79-8F2378DD5F09",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:general_parallel_file_system_storage_server:3.5.0.24:*:*:*:*:*:*:*",
              "matchCriteriaId": "1008DB6C-FB3C-4DD1-B3D4-C5A2EFDF33EE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:general_parallel_file_system_storage_server:3.5.0.25:*:*:*:*:*:*:*",
              "matchCriteriaId": "0092597F-578C-40E1-ABDD-D62FB92B8198",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:general_parallel_file_system_storage_server:3.5.0.26:*:*:*:*:*:*:*",
              "matchCriteriaId": "BBD083B7-D8CA-4735-BEC0-8043C4CA15B7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:general_parallel_file_system_storage_server:3.5.0.27:*:*:*:*:*:*:*",
              "matchCriteriaId": "55502A4C-4CCC-4362-B5FA-1B604E1D22C5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:general_parallel_file_system_storage_server:3.5.0.28:*:*:*:*:*:*:*",
              "matchCriteriaId": "0321017B-34E2-4DAD-A032-25695881342A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:general_parallel_file_system_storage_server:3.5.0.29:*:*:*:*:*:*:*",
              "matchCriteriaId": "5D900767-FCB0-4850-A175-4DAA404FC7A6",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:ibm:spectrum_scale:4.1.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "18C5A85C-F932-44CF-B3EA-691737C96C52",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:spectrum_scale:4.1.1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "9385B07C-881D-4A4E-A0F5-FF1BC88F8CFF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:spectrum_scale:4.1.1.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "27319318-1C09-4CEE-BAE2-6E52C8FD8DCA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:spectrum_scale:4.1.1.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "85F22D48-CB9C-434A-AFD7-50E4E980D1DA",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:ibm:spectrum_scale:4.2.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "9A55A717-5CA2-4073-80AA-16044EC23B7B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:spectrum_scale:4.2.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "11BAE960-B5C8-4566-8D18-B2754069C933",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "IBM Spectrum Scale 4.1 before 4.1.1.5 and 4.2 before 4.2.0.2 and General Parallel File System 3.5 before 3.5.0.30 allow local users to gain privileges or cause a denial of service via a crafted mmapplypolicy command."
    },
    {
      "lang": "es",
      "value": "IBM Spectrum Scale 4.1 en versiones anteriores a 4.1.1.5 y 4.2 en versiones anteriores a 4.2.0.2 y General Parallel File System 3.5 en versiones anteriores a 3.5.0.30 permiten a usuarios locales obtener privilegios o provocar una denegaci\u00f3n de servicio a trav\u00e9s de un comando mmapplypolicy manipulado."
    }
  ],
  "id": "CVE-2016-0263",
  "lastModified": "2025-04-12T10:46:40.837",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "LOCAL",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 7.2,
          "confidentialityImpact": "COMPLETE",
          "integrityImpact": "COMPLETE",
          "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 10.0,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV30": [
      {
        "cvssData": {
          "attackComplexity": "HIGH",
          "attackVector": "LOCAL",
          "availabilityImpact": "HIGH",
          "baseScore": 7.0,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "LOW",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.0"
        },
        "exploitabilityScore": 1.0,
        "impactScore": 5.9,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2016-06-29T01:59:03.743",
  "references": [
    {
      "source": "psirt@us.ibm.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1005708"
    },
    {
      "source": "psirt@us.ibm.com",
      "url": "http://www.securityfocus.com/bid/90525"
    },
    {
      "source": "psirt@us.ibm.com",
      "url": "http://www.securitytracker.com/id/1036458"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1005708"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/90525"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securitytracker.com/id/1036458"
    }
  ],
  "sourceIdentifier": "psirt@us.ibm.com",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-264"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2016-06-19 20:59

Modified

2025-04-12 10:46

Severity ?

8.4 (High) - CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Summary

IBM General Parallel File System (GPFS) in GPFS Storage Server 2.0.0 through 2.0.7 and Elastic Storage Server 2.5.x through 2.5.5, 3.x before 3.5.5, and 4.x before 4.0.3, as distributed in Spectrum Scale RAID, allows local users to gain privileges via a crafted parameter to a setuid program.

References

URL	Tags
psirt@us.ibm.com	http://packetstormsecurity.com/files/137373/IBM-GPFS-Spectrum-Scale-Command-Injection.html
psirt@us.ibm.com	http://www-01.ibm.com/support/docview.wss?uid=ssg1S1005875	Vendor Advisory
psirt@us.ibm.com	http://www-01.ibm.com/support/docview.wss?uid=swg1IV84206
psirt@us.ibm.com	http://www.securityfocus.com/archive/1/538620/100/0/threaded
psirt@us.ibm.com	http://www.securityfocus.com/bid/91082
psirt@us.ibm.com	http://www.securitytracker.com/id/1036458
af854a3a-2127-422b-91ae-364da2661108	http://packetstormsecurity.com/files/137373/IBM-GPFS-Spectrum-Scale-Command-Injection.html
af854a3a-2127-422b-91ae-364da2661108	http://www-01.ibm.com/support/docview.wss?uid=ssg1S1005875	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www-01.ibm.com/support/docview.wss?uid=swg1IV84206
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/archive/1/538620/100/0/threaded
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/91082
af854a3a-2127-422b-91ae-364da2661108	http://www.securitytracker.com/id/1036458

Impacted products

Vendor	Product	Version
ibm	elastic_storage_server	2.5.0
ibm	elastic_storage_server	2.5.1
ibm	elastic_storage_server	2.5.2
ibm	elastic_storage_server	2.5.3
ibm	elastic_storage_server	2.5.4
ibm	elastic_storage_server	2.5.5
ibm	elastic_storage_server	3.0.0
ibm	elastic_storage_server	3.0.1
ibm	elastic_storage_server	3.0.2
ibm	elastic_storage_server	3.0.3
ibm	elastic_storage_server	3.0.4
ibm	elastic_storage_server	3.0.5
ibm	elastic_storage_server	3.5.0
ibm	elastic_storage_server	3.5.1
ibm	elastic_storage_server	3.5.2
ibm	elastic_storage_server	3.5.3
ibm	elastic_storage_server	3.5.4
ibm	elastic_storage_server	4.0.0
ibm	elastic_storage_server	4.0.1
ibm	elastic_storage_server	4.0.2
ibm	general_parallel_file_system_storage_server	2.0.0
ibm	general_parallel_file_system_storage_server	2.0.1
ibm	general_parallel_file_system_storage_server	2.0.2
ibm	general_parallel_file_system_storage_server	2.0.3
ibm	general_parallel_file_system_storage_server	2.0.4
ibm	general_parallel_file_system_storage_server	2.0.5
ibm	general_parallel_file_system_storage_server	2.0.6
ibm	general_parallel_file_system_storage_server	2.0.7

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:ibm:elastic_storage_server:2.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "53FCC98B-C3DD-48B2-A6FA-22374B91D1CF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:elastic_storage_server:2.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "9A843711-A1AD-43AC-99FC-A23E39CF8476",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:elastic_storage_server:2.5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "A7B87732-A34F-4505-94C5-A17881A280B8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:elastic_storage_server:2.5.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "00A7A889-B6C6-4CB1-98C8-A8440D7941B7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:elastic_storage_server:2.5.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "76AA44DB-C844-40A9-B569-FB07453ADB75",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:elastic_storage_server:2.5.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "1D2F5A7B-F33D-4368-859B-6D24AB675D95",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:elastic_storage_server:3.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "040C52A2-B68B-4DB0-8DBF-A7281D9F0578",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:elastic_storage_server:3.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "B7364BE4-3D37-42B7-9BAF-E1080460B358",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:elastic_storage_server:3.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "31B9F0F3-C6C9-4D7E-880B-D318680325D3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:elastic_storage_server:3.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "E7D7FC6B-6F57-4639-BA47-731150A7175F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:elastic_storage_server:3.0.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "A5AAFF81-0BC5-4431-82B4-908E659ED126",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:elastic_storage_server:3.0.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "B923C802-6F4B-4F66-B0B8-B2D2CCA49137",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:elastic_storage_server:3.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "D69690CF-649D-4018-AE0D-72187A49BA9C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:elastic_storage_server:3.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "1C230002-378C-40A4-AE96-3675A23353E7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:elastic_storage_server:3.5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "7A939106-3D65-4A0B-A914-86B4F9C72AE7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:elastic_storage_server:3.5.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "B7F58C39-46E2-497D-91F0-FA76F648FA87",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:elastic_storage_server:3.5.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "FBEFE4B9-A114-462C-9A94-30F2B8CC8218",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:elastic_storage_server:4.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "D4D7652C-D51D-4935-B683-CFA60B0ACC41",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:elastic_storage_server:4.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "32BE17F3-D82E-4705-8D79-062CDD35E567",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:elastic_storage_server:4.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "EB4EFB06-A10C-4D6D-A4FE-3BC9F6A284EF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:general_parallel_file_system_storage_server:2.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "BC87EDFE-E627-4D33-B693-9F8BFC7DC561",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:general_parallel_file_system_storage_server:2.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "74348741-1592-4373-A9D4-F3BBF36BDC4B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:general_parallel_file_system_storage_server:2.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "ABAB72EE-D7ED-447D-8425-55113D30529F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:general_parallel_file_system_storage_server:2.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "E57B7ABB-38FF-4057-BAC8-50CDEC88FAB1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:general_parallel_file_system_storage_server:2.0.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "96B30BDB-C7AD-4B31-829E-CB3BB056258B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:general_parallel_file_system_storage_server:2.0.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "2B42F6EC-78D0-41BD-B211-DC1A8E951BFD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:general_parallel_file_system_storage_server:2.0.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "D6FB480E-953E-46B3-8FA7-9E2904DFA726",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:general_parallel_file_system_storage_server:2.0.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "B9C018BD-B065-43B6-9E2C-5BEB37811AA9",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "IBM General Parallel File System (GPFS) in GPFS Storage Server 2.0.0 through 2.0.7 and Elastic Storage Server 2.5.x through 2.5.5, 3.x before 3.5.5, and 4.x before 4.0.3, as distributed in Spectrum Scale RAID, allows local users to gain privileges via a crafted parameter to a setuid program."
    },
    {
      "lang": "es",
      "value": "IBM General Parallel File System (GPFS) en GPFS Storage Server 2.0.0 hasta la versi\u00f3n 2.0.7 y Elastic Storage Server 2.5.x hasta la versi\u00f3n 2.5.5, 3.x en versiones anteriores a 3.5.5 y 4.x en versiones anteriores a 4.0.3, seg\u00fan se distribuye en Spectrum Scale RAID, permite a usuarios locales obtener privilegios a trav\u00e9s de un par\u00e1metro manipulado en un programa setuid."
    }
  ],
  "id": "CVE-2016-0392",
  "lastModified": "2025-04-12T10:46:40.837",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": true,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "LOCAL",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 4.6,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 6.4,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV30": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "LOCAL",
          "availabilityImpact": "HIGH",
          "baseScore": 8.4,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.0"
        },
        "exploitabilityScore": 2.5,
        "impactScore": 5.9,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2016-06-19T20:59:02.160",
  "references": [
    {
      "source": "psirt@us.ibm.com",
      "url": "http://packetstormsecurity.com/files/137373/IBM-GPFS-Spectrum-Scale-Command-Injection.html"
    },
    {
      "source": "psirt@us.ibm.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1005875"
    },
    {
      "source": "psirt@us.ibm.com",
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IV84206"
    },
    {
      "source": "psirt@us.ibm.com",
      "url": "http://www.securityfocus.com/archive/1/538620/100/0/threaded"
    },
    {
      "source": "psirt@us.ibm.com",
      "url": "http://www.securityfocus.com/bid/91082"
    },
    {
      "source": "psirt@us.ibm.com",
      "url": "http://www.securitytracker.com/id/1036458"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://packetstormsecurity.com/files/137373/IBM-GPFS-Spectrum-Scale-Command-Injection.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1005875"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IV84206"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/archive/1/538620/100/0/threaded"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/91082"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securitytracker.com/id/1036458"
    }
  ],
  "sourceIdentifier": "psirt@us.ibm.com",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-284"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerabilites related to ibm - general_parallel_file_system_storage_server

CVE-2016-0263 (GCVE-0-2016-0263)

Vulnerability from cvelistv5

CVE-2016-0392 (GCVE-0-2016-0392)

Vulnerability from cvelistv5

Vulnerability from fkie_nvd

Vulnerability from fkie_nvd