10 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
There are multiple vulnerabilities in IBM® SDK Java™ Technology Edition, Version 8 that is used by IBM Spectrum Scale RAID/IBM GPFS Native RAID. These issues were disclosed as part of the IBM Java SDK updates for October 2015.
CVEID: CVE-2015-4843** **
DESCRIPTION: An unspecified vulnerability related to the Libraries component has complete confidentiality impact, complete integrity impact, and complete availability impact.
CVSS Base Score: 10
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/107342 for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (AV:N/AC:L/Au:N/C:C/I:C/A:C)
CVEID: CVE-2015-4805** **
DESCRIPTION: An unspecified vulnerability related to the Serialization component has complete confidentiality impact, complete integrity impact, and complete availability impact.
CVSS Base Score: 10
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/107345 for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (AV:N/AC:L/Au:N/C:C/I:C/A:C)
CVEID: CVE-2015-4810** **
DESCRIPTION: An unspecified vulnerability related to the Deployment component has complete confidentiality impact, complete integrity impact, and complete availability impact.
CVSS Base Score: 6.9
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/107349 for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (AV:L/AC:M/Au:N/C:C/I:C/A:C)
CVEID: CVE-2015-4806** **
DESCRIPTION: An unspecified vulnerability related to the Libraries component has partial confidentiality impact, partial integrity impact, and no availability impact.
CVSS Base Score: 6.4
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/107350 for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (AV:N/AC:L/Au:N/C:P/I:P/A:N)
CVEID: CVE-2015-4871** **
DESCRIPTION: An unspecified vulnerability related to the Libraries component has partial confidentiality impact, partial integrity impact, and no availability impact.
CVSS Base Score: 5.8
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/107351 for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (AV:N/AC:M/Au:N/C:P/I:P/A:N)
CVEID: CVE-2015-4902** **
DESCRIPTION: An unspecified vulnerability related to the Deployment component has no confidentiality impact, partial integrity impact, and no availability impact.
CVSS Base Score: 5
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/107352 for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (AV:N/AC:L/Au:N/C:N/I:P/A:N)
IBM Spectrum Scale RAID/IBM GPFS Native RAID 4.1.0.0 and later for the Elastic Storage Server and the GPFS Storage Server
For the Elastic Storage Server 3.5 and 3.5.1, obtain 3.5.2 install software and upgrade the system. See release note for details.
The images are at Fix Central http://www-933.ibm.com/support/fixcentral/swg/selectFixes?parent=Software%2Bdefined%2Bstorage&product=ibm/StorageSoftware/IBM+Spectrum+Scale+RAID&release=4.1.1&platform=All&function=all
For the Elastic Storage Server 3.0 thru 3.0.4, obtain ESS 3.0.5 install software and upgrade the system. See release note for details.
For the Elastic Storage Server 2.5 thru 2.5.4, obtain ESS 2.5.5 install software and upgrade the system. See release note for details.
For the GPFS Storage Server 2.0 thru 2.0.6, obtain GSS 2.0.7 install software and upgrade the system. See release note for details.
The images are at Fix Centralhttp://www-933.ibm.com/support/fixcentral/swg/selectFixes?parent=Cluster%2Bsoftware&product=ibm/Other+software/GPFS+Native+RAID+for+GPFS+Storage+Server&release=All&platform=All&function=all
For the GPFS Storage Server 2.5, contact Lenovo at http://shop.lenovo.com/us/en/systems/servers/high-density/gpfs-storage/
None
CPE | Name | Operator | Version |
---|---|---|---|
ibm spectrum scale raid | eq | 4.0 | |
ibm elastic storage server | eq | any |