Lucene search

[email protected]CVE-2015-4974

HistoryOct 26, 2015 - 2:59 a.m.

CVE-2015-4974

2015-10-2602:59:00

CWE-77

[email protected]

web.nvd.nist.gov

ibm

gpfs

spectrum scale

cve-2015-4974

local privilege escalation

security vulnerability

7.2 High

CVSS2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

4.2 Medium

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

5.1%

JSON

IBM General Parallel File System (GPFS) 3.5.x before 3.5.0.27 and 4.1.x before 4.1.1.2 and Spectrum Scale 4.1.1.x before 4.1.1.2 allow local users to obtain root privileges for command execution via unspecified vectors.

Affected configurations

NVD

Node

ibmgeneral_parallel_file_systemMatch3.5

ibmgeneral_parallel_file_systemMatch3.5.0.0

ibmgeneral_parallel_file_systemMatch3.5.0.2

ibmgeneral_parallel_file_systemMatch3.5.0.3

ibmgeneral_parallel_file_systemMatch3.5.0.4

ibmgeneral_parallel_file_systemMatch3.5.0.6

ibmgeneral_parallel_file_systemMatch3.5.0.7

ibmgeneral_parallel_file_systemMatch3.5.0.8

ibmgeneral_parallel_file_systemMatch3.5.0.9

ibmgeneral_parallel_file_systemMatch3.5.0.10

ibmgeneral_parallel_file_systemMatch3.5.0.11

ibmgeneral_parallel_file_systemMatch3.5.0.12

ibmgeneral_parallel_file_systemMatch3.5.0.13

ibmgeneral_parallel_file_systemMatch3.5.0.14

ibmgeneral_parallel_file_systemMatch3.5.0.15

ibmgeneral_parallel_file_systemMatch3.5.0.16

ibmgeneral_parallel_file_systemMatch3.5.0.17

ibmgeneral_parallel_file_systemMatch3.5.0.18

ibmgeneral_parallel_file_systemMatch3.5.0.19

ibmgeneral_parallel_file_systemMatch3.5.0.20

ibmgeneral_parallel_file_systemMatch3.5.0.21

ibmgeneral_parallel_file_systemMatch3.5.0.22

ibmgeneral_parallel_file_systemMatch3.5.0.23

ibmgeneral_parallel_file_systemMatch3.5.0.24

ibmgeneral_parallel_file_systemMatch3.5.0.25

ibmgeneral_parallel_file_systemMatch3.5.0.26

ibmspectrum_scaleMatch4.1.1.0

ibmspectrum_scaleMatch4.1.1.1

CPENameOperatorVersion
ibm:general_parallel_file_systemibm general parallel file systemeq3.5
ibm:general_parallel_file_systemibm general parallel file systemeq3.5.0.0
ibm:general_parallel_file_systemibm general parallel file systemeq3.5.0.2
ibm:general_parallel_file_systemibm general parallel file systemeq3.5.0.3
ibm:general_parallel_file_systemibm general parallel file systemeq3.5.0.4
ibm:general_parallel_file_systemibm general parallel file systemeq3.5.0.6
ibm:general_parallel_file_systemibm general parallel file systemeq3.5.0.7
ibm:general_parallel_file_systemibm general parallel file systemeq3.5.0.8
ibm:general_parallel_file_systemibm general parallel file systemeq3.5.0.9
ibm:general_parallel_file_systemibm general parallel file systemeq3.5.0.10

CPE	Name	Operator	Version
ibm:general_parallel_file_system	ibm general parallel file system	eq	3.5
ibm:general_parallel_file_system	ibm general parallel file system	eq	3.5.0.0
ibm:general_parallel_file_system	ibm general parallel file system	eq	3.5.0.2
ibm:general_parallel_file_system	ibm general parallel file system	eq	3.5.0.3
ibm:general_parallel_file_system	ibm general parallel file system	eq	3.5.0.4
ibm:general_parallel_file_system	ibm general parallel file system	eq	3.5.0.6
ibm:general_parallel_file_system	ibm general parallel file system	eq	3.5.0.7
ibm:general_parallel_file_system	ibm general parallel file system	eq	3.5.0.8
ibm:general_parallel_file_system	ibm general parallel file system	eq	3.5.0.9
ibm:general_parallel_file_system	ibm general parallel file system	eq	3.5.0.10

Rows per page:

1-10 of 281

References

www-01.ibm.com/support/docview.wss?uid=ssg1S1005366

www-01.ibm.com/support/docview.wss?uid=swg21972152

www.securityfocus.com/bid/77025

www.securitytracker.com/id/1035094

7.2 High

CVSS2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

4.2 Medium

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

5.1%

JSON

Related for CVE-2015-4974

prion1 nvd1 cvelist1 ibm8