Ibm

Spectrum Scale

57 vulnerabilities found.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
6.7

CVE-2021-29708

  • EPSS 0.05%
  • Published 25.05.2021 17:15:08
  • Last modified 21.11.2024 06:01:40

IBM Spectrum Scale 5.1.0.1 could allow a local with access to the GUI pod container to obtain sensitive cryptographic keys that could allow them to elevate their privileges. IBM X-Force ID: 200883.

6

CVE-2020-4981

  • EPSS 0.04%
  • Published 27.04.2021 17:15:08
  • Last modified 21.11.2024 05:33:30

IBM Spectrum Scale 5.0.4.1 through 5.1.0.3 could allow a local privileged user to overwrite files due to improper input validation. IBM X-Force ID: 192541.

5.4

CVE-2021-29666

  • EPSS 0.16%
  • Published 27.04.2021 17:15:08
  • Last modified 21.11.2024 06:01:36

IBM Spectrum Scale 5.0.0 through 5.0.5.6 and 5.1.0 through 5.1.0.2 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to...

7.8

CVE-2021-29667

  • EPSS 0.31%
  • Published 27.04.2021 17:15:08
  • Last modified 21.11.2024 06:01:36

IBM Spectrum Scale 5.0.0 through 5.0.5.6 and 5.1.0 through 5.1.0.2 is potentially vulnerable to CSV Injection. A remote attacker could execute arbitrary commands on the system, caused by improper validation of csv file contents. IBM X-Force ID: 19940...

3.3

CVE-2021-29671

  • EPSS 0.04%
  • Published 09.04.2021 17:15:16
  • Last modified 21.11.2024 06:01:37

IBM Spectrum Scale 5.1.0.1 could allow a local attacker to bypass the filesystem audit logging mechanism when file audit logging is enabled. IBM X-Force ID: 199478.

5.5

CVE-2020-4891

  • EPSS 0.04%
  • Published 16.03.2021 14:15:13
  • Last modified 21.11.2024 05:33:22

IBM Spectrum Scale 5.0.0 through 5.0.5.5 and 5.1.0 through 5.1.0.2 uses an inadequate account lockout setting that could allow a local user er to brute force Rest API account credentials. IBM X-Force ID: 190974.

4.4

CVE-2020-4890

  • EPSS 0.04%
  • Published 16.03.2021 14:15:13
  • Last modified 21.11.2024 05:33:22

IBM Spectrum Scale 5.0.0 through 5.0.5.5 and 5.1.0 through 5.1.0.2 could allow a local user with a valid role to the REST API to cause a denial of service due to weak or absense of rate limiting. IBM X-Force ID: 190973.

5.5

CVE-2020-4851

  • EPSS 0.05%
  • Published 16.03.2021 14:15:13
  • Last modified 21.11.2024 05:33:19

IBM Spectrum Scale 5.0.0 through 5.0.5.5 and 5.1.0 through 5.1.0.2 could allow a local user to poison log files which could impact support and development efforts. IBM X-Force ID: 190450.

3.3

CVE-2020-4889

  • EPSS 0.04%
  • Published 26.01.2021 15:15:13
  • Last modified 21.11.2024 05:33:22

IBM Spectrum Scale 5.0.0 through 5.0.5.4 and 5.1.0 could allow a local user to poison log files which could impact support and development efforts. IBM X-Force ID: 190971.

5.5

CVE-2020-4756

  • EPSS 0.05%
  • Published 20.10.2020 15:15:13
  • Last modified 21.11.2024 05:33:12

IBM Spectrum Scale V4.2.0.0 through V4.2.3.23 and V5.0.0.0 through V5.0.5.2 as well as IBM Elastic Storage System 6.0.0 through 6.0.1.0 could allow a local attacker to invoke a subset of ioctls on the device with invalid arguments that could crash th...