The Elastic Storage Server is affected by a vulnerability in IBM Spectrum Scale where an unprivileged user can cause a denial of service. A fix for this vulnerability is available.
CVEID:CVE-2020-4412
**DESCRIPTION:**The Spectrum Scale 4.2.0.0 through 4.2.3.21 and 5.0.0.0 through 5.0.4.3 file system component is affected by a denial of service security vulnerability. An attacker can force the Spectrum Scale mmfsd/mmsdrserv daemons to unexpectedly exit, impacting the functionality of the Spectrum Scale cluster and the availability of file systems managed by Spectrum Scale. IBM X-Force ID: 179987.
CVSS Base score: 5.3
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/179987 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)
The Elastic Storage Server 5.3.0 through 5.3.5
The Elastic Storage Server 5.0.0 through 5.2.9
The Elastic Storage Server 4.5.0 through 4.6.0.0
The Elastic Storage Server 4.0.0 through 4.0.6.0
For IBM Elastic Storage Server V5.3.0. through V5.3.5, apply V5.3.6 available from FixCentral at:
For IBM Elastic Storage Server V5.0.0. through 5.2.9, apply V5.2.10 available from FixCentral at:
None
CPE | Name | Operator | Version |
---|---|---|---|
ibm elastic storage server | eq | 5.3 |