Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
ibmIBM8FA0435CE242976B6A45CD955181FDE5E7CA3B1930BFD5747DEFF770FFCEEC1F
HistoryApr 22, 2020 - 6:36 p.m.

Security Bulletin: A vulnerability has been identified in IBM Spectrum Scale where an unprivileged user could execute commands as root ( CVE-2020-4273)

2020-04-2218:36:36
www.ibm.com
4

0.0004 Low

EPSS

Percentile

12.8%

JSON

Summary

A security vulnerability has been identified in all levels of IBM Spectrum Scale that could allow underprivileged attacker to execute commands as root. A fix for this vulnerability is available.

Vulnerability Details

CVEID:CVE-2020-4273
**DESCRIPTION:**IBM Spectrum Scale could allow a local unprivileged attacker with intimate knowledge of the enviornment to execute commands as root using specially crafted input.
CVSS Base score: 7.4
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/175977 for the current score.
CVSS Vector: (CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H)

Affected Products and Versions

Affected Product(s) Version(s)
IBM Spectrum Scale All

Remediation/Fixes

For IBM Spectrum Scale V5.0.0.0 through 5.0.4.2, apply V5.0.4.3 available from FixCentral at:

https://www.ibm.com/support/fixcentral/swg/selectFixes?parent=Software%20defined%20storage&product=ibm/StorageSoftware/IBM+Spectrum+Scale&release=5.0.4&platform=All&function=all

For IBM Spectrum Scale V4.2.0.0 through V4.2.3.20, apply V4.2.3.21 available from FixCentral at:

https://www.ibm.com/support/fixcentral/swg/selectFixes?parent=Software%20defined%20storage&product=ibm/StorageSoftware/IBM+Spectrum+Scale&release=4.2.3&platform=All&function=all

If you cannot apply the latest level of service, contact IBM Service for an efix:

- For IBM Spectrum Scale V5.0.0.0 through V5.0.4.2, reference APAR IJ23438

- For IBM Spectrum Scale V4.2.0.0 through V4.2.3.20, reference APAR IJ23426

Workarounds and Mitigations

Until the fixes can be applied, a workaround is to remove the setuid from the files in the /usr/lpp/mmfs/bin directory. Determine the set of files with setuid bit by running

ls -l /usr/lpp/mmfs/bin | grep r-s

Then reset the setuid bit for each such file by issuing this command on each file

chmod u-sfile

Once the workaround is applied, a number of commands may no longer work when not invoked by unprivileged users, including:

mmchfileset mmcrsnapshot mmdelsnapshot mmdf mmedquota mmgetacl mmlsdisk mmlsfileset mmlsfs mmlsmgr mmlspolicy mmlspool mmlsquota mmlssnapshot mmputacl mmsnapdir

Related

ibm 3
cvelist 1
prion 1
nvd 1
cve 1
ibm
ibm
Security Bulletin: IBM Elastic Storage Server is affected by a vulnerability where an unprivileged user could execute commands as root ( CVE-2020-4273)
2020-08-17 13:17:26
Security Bulletin: IBM Elastic Storage System 3000 is affected by a vulnerability where an unprivileged user could execute commands as root ( CVE-2020-4273)
2020-07-22 12:10:06
Security Bulletin: IBM Db2® Warehouse has released a fix in response to multiple vulnerabilities found in IBM Db2®
2021-04-19 16:53:43
cvelist
cvelist
CVE-2020-4273
2020-04-02 00:00:00
prion
prion
Command injection
2020-04-03 13:15:00
nvd
nvd
CVE-2020-4273
2020-04-03 13:15:13
cve
cve
CVE-2020-4273
2020-04-03 13:15:13

0.0004 Low

EPSS

Percentile

12.8%

JSON
Related for 8FA0435CE242976B6A45CD955181FDE5E7CA3B1930BFD5747DEFF770FFCEEC1F
ibm3cvelist1prion1nvd1cve1