IBM Spectrum Scale 格式化字符串错误漏洞

🗓️ 31 May 2021 00:00:00Reported by China National Vulnerability Database of Information SecurityType

cnnvd

cnnvd🔗 www.cnnvd.org.cn👁 1 Views

IBM Spectrum Scale 存在格式化字符串错误漏洞，可被利用在进程内执行任意代码并提升权限。

Reporter	Title	Published	Views	Family All 9
IBM Security Bulletins	Security Bulletin: A format string security vulnerability has been identified in IBM Spectrum Scale (CVE-2021-29740)	2 Jun 202110:44	–	ibm
IBM Security Bulletins	Security Bulletin: A format string vulnerability has been identified in IBM Spectrum Scale packaged in IBM ESS (CVE-2021-29740)	4 Jun 202117:28	–	ibm
IBM Security Bulletins	Security Bulletin: A format string vulnerability has been identified in IBM Spectrum Scale packaged in IBM Elastic Storage System (CVE-2021-29740)	4 Jun 202117:26	–	ibm
CNVD	IBM Spectrum Scale Elevation of Privilege Vulnerability (CNVD-2021-38676)	2 Jun 202100:00	–	cnvd
CVE	CVE-2021-29740	1 Jun 202114:05	–	cve
Cvelist	CVE-2021-29740	1 Jun 202114:05	–	cvelist
EUVD	EUVD-2021-16214	7 Oct 202500:30	–	euvd
NVD	CVE-2021-29740	1 Jun 202114:15	–	nvd
Prion	Format string	1 Jun 202114:15	–	prion

Source	Link
ibm	www.ibm.com/support/pages/node/6457629
exchange	www.exchange.xforce.ibmcloud.com/vulnerabilities/201474
ibm	www.ibm.com/blogs/psirt/security-bulletin-a-format-string-security-vulnerability-has-been-identified-in-ibm-spectrum-scale-cve-2021-29740/
ibm	www.ibm.com/blogs/psirt/security-bulletin-a-format-string-vulnerability-has-been-identified-in-ibm-spectrum-scale-packaged-in-ibm-elastic-storage-system-cve-2021-29740/
ibm	www.ibm.com/blogs/psirt/security-bulletin-a-format-string-security-vulnerability-has-been-identified-in-ibm-spectrum-scale-cve-2021-29740-2/

24 May 2026 00:00Current

6.2Medium risk

Vulners AI Score6.2

CVSS 27.2

CVSS 3.17.8

CVSS 38.4

EPSS0.00073

格式化字符串错误权限提升任意代码执行进程内执行