CVE-2018-1431

EPSS 0.05%
Veröffentlicht 13.06.2018 14:29:00
Zuletzt bearbeitet 21.11.2024 03:59:48
Quelle psirt@us.ibm.com
Teams Watchlist Login
Unerledigt Login

A vulnerability in GSKit affects IBM Spectrum Scale 4.1.1, 4.2.0, 4.2.1, 4.2.3, and 5.0.0 that could allow a local attacker to obtain control of the Spectrum Scale daemon and to access and modify files in the Spectrum Scale file system, and possibly to obtain administrator privileges on the node. IBM X-Force ID: 139240.

Betroffene Produkte Warnungen 0 Metriken 4 CWE 0 Referenzen 6

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Ibm ≫ General Parallel File System Version >= 4.1.0.0 <= 4.1.0.8

Ibm ≫ Spectrum Scale Version >= 4.1.1.0 <= 4.1.1.19

Ibm ≫ Spectrum Scale Version >= 4.2.0.0 <= 4.2.0.4

Ibm ≫ Spectrum Scale Version >= 4.2.1.0 <= 4.2.1.2

Ibm ≫ Spectrum Scale Version >= 4.2.2.0 <= 4.2.2.3

Ibm ≫ Spectrum Scale Version >= 4.2.3.0 <= 4.2.3.8

Ibm ≫ Spectrum Scale Version >= 5.0.0.0 <= 5.0.0.2

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.05%	0.15

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	7.8	1.8	5.9	CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
nvd@nist.gov	4.6	3.9	6.4	AV:L/AC:L/Au:N/C:P/I:P/A:P
psirt@us.ibm.com	7.4	1.4	5.9	CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

http://www.ibm.com/support/docview.wss?uid=ssg1S1012049

Vendor Advisory

http://www.securityfocus.com/bid/105546

Third Party Advisory

VDB Entry

https://exchange.xforce.ibmcloud.com/vulnerabilities/139240

Vendor Advisory

VDB Entry

https://nvd.nist.gov/vuln/detail/CVE-2018-1431

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2018-1431

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2018-1431

EUVD