CVE-2018-1431

EPSS 0.05%
Published 13.06.2018 14:29:00
Last modified 21.11.2024 03:59:48
Source psirt@us.ibm.com
Teams watchlist Login
Open Login

A vulnerability in GSKit affects IBM Spectrum Scale 4.1.1, 4.2.0, 4.2.1, 4.2.3, and 5.0.0 that could allow a local attacker to obtain control of the Spectrum Scale daemon and to access and modify files in the Spectrum Scale file system, and possibly to obtain administrator privileges on the node. IBM X-Force ID: 139240.

Affected products Warnungen 0 Metrics 4 CWE 0 References 6

Data is provided by the National Vulnerability Database (NVD)

Ibm ≫ General Parallel File System Version >= 4.1.0.0 <= 4.1.0.8

Ibm ≫ Spectrum Scale Version >= 4.1.1.0 <= 4.1.1.19

Ibm ≫ Spectrum Scale Version >= 4.2.0.0 <= 4.2.0.4

Ibm ≫ Spectrum Scale Version >= 4.2.1.0 <= 4.2.1.2

Ibm ≫ Spectrum Scale Version >= 4.2.2.0 <= 4.2.2.3

Ibm ≫ Spectrum Scale Version >= 4.2.3.0 <= 4.2.3.8

Ibm ≫ Spectrum Scale Version >= 5.0.0.0 <= 5.0.0.2

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	0.05%	0.15

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
nvd@nist.gov	7.8	1.8	5.9	CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
nvd@nist.gov	4.6	3.9	6.4	AV:L/AC:L/Au:N/C:P/I:P/A:P
psirt@us.ibm.com	7.4	1.4	5.9	CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

http://www.ibm.com/support/docview.wss?uid=ssg1S1012049

Vendor Advisory

http://www.securityfocus.com/bid/105546

Third Party Advisory

VDB Entry

https://exchange.xforce.ibmcloud.com/vulnerabilities/139240

Vendor Advisory

VDB Entry

https://nvd.nist.gov/vuln/detail/CVE-2018-1431

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2018-1431

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2018-1431

EUVD