Lucene search

[email protected]CVE-2023-30434

HistoryMay 05, 2023 - 3:15 p.m.

CVE-2023-30434

2023-05-0515:15:10

CWE-20

[email protected]

web.nvd.nist.gov

ibm

storage

scale

vulnerability

kernel panic

nvd

x-force id 252187

cve-2023-30434

6.2 Medium

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

5.1 Medium

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

5.1%

JSON

IBM Storage Scale (IBM Spectrum Scale 5.1.0.0 through 5.1.2.9, 5.1.3.0 through 5.1.6.1 and IBM Elastic Storage Systems 6.1.0.0 through 6.1.2.5, 6.1.3.0 through 6.1.6.0) could allow a local user to cause a kernel panic. IBM X-Force ID: 252187.

Affected configurations

Vulners

NVD

Node

ibmelastic_storage_systemRange6.1.0.0–6.1.2.5

ibmelastic_storage_systemRange6.1.3.0–6.1.6.0

ibmspectrum_scaleRange5.1.0.0–5.1.2.9

ibmspectrum_scaleRange5.1.3.0–5.1.6.1

VendorProductVersionCPE
ibmelastic_storage_system*cpe:2.3:a:ibm:elastic_storage_system:*:*:*:*:*:*:*:*
ibmelastic_storage_system*cpe:2.3:a:ibm:elastic_storage_system:*:*:*:*:*:*:*:*
ibmspectrum_scale*cpe:2.3:a:ibm:spectrum_scale:*:*:*:*:*:*:*:*
ibmspectrum_scale*cpe:2.3:a:ibm:spectrum_scale:*:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
ibm	elastic_storage_system	*	cpe:2.3:a:ibm:elastic_storage_system::::::::
ibm	elastic_storage_system	*	cpe:2.3:a:ibm:elastic_storage_system::::::::
ibm	spectrum_scale	*	cpe:2.3:a:ibm:spectrum_scale::::::::
ibm	spectrum_scale	*	cpe:2.3:a:ibm:spectrum_scale::::::::

CNA Affected

[
  {
    "defaultStatus": "unaffected",
    "product": "Elastic Storage System",
    "vendor": "IBM",
    "versions": [
      {
        "lessThanOrEqual": "6.1.2.5",
        "status": "affected",
        "version": "6.1.0.0",
        "versionType": "semver"
      },
      {
        "lessThanOrEqual": "6.1.6.0",
        "status": "affected",
        "version": "6.1.3.0",
        "versionType": "semver"
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "product": "Spectrum Scale",
    "vendor": "IBM",
    "versions": [
      {
        "lessThanOrEqual": "5.1.2.9",
        "status": "affected",
        "version": "5.1.0.0",
        "versionType": "semver"
      },
      {
        "lessThanOrEqual": "5.1.6.1",
        "status": "affected",
        "version": "5.1.3.0",
        "versionType": "semver"
      }
    ]
  }
]

References

exchange.xforce.ibmcloud.com/vulnerabilities/252187

www.ibm.com/support/pages/node/6988363

www.ibm.com/support/pages/node/6988365

6.2 Medium

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

5.1 Medium

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

5.1%

JSON

Related for CVE-2023-30434

cvelist1 nvd1 prion1 ibm2