Lucene search

IbmCVELIST:CVE-2021-29740

HistoryMay 31, 2021 - 12:00 a.m.

CVE-2021-29740

2021-05-3100:00:00

ibm

www.cve.org

8.4 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C

7.7 High

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

10.6%

JSON

IBM Spectrum Scale 5.0.0 through 5.0.5.6 and 5.1.0 through 5.1.0.3 system core component is affected by a format string security vulnerability. An attacker could execute arbitrary code in the context of process memory, potentially escalating their system privileges and taking control over the entire system with root access. IBM X-Force ID: 201474.

CNA Affected

[
  {
    "product": "Spectrum Scale",
    "vendor": "IBM",
    "versions": [
      {
        "status": "affected",
        "version": "5.0.0"
      },
      {
        "status": "affected",
        "version": "5.1.0"
      },
      {
        "status": "affected",
        "version": "5.0.5.6"
      },
      {
        "status": "affected",
        "version": "5.1.0.3"
      }
    ]
  }
]

References

exchange.xforce.ibmcloud.com/vulnerabilities/201474

www.ibm.com/support/pages/node/6457629

8.4 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C

7.7 High

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

10.6%

JSON

Related for CVELIST:CVE-2021-29740