136 matches found
Security Bulletin: A vulnerability in IBM Java SDK affects IBM Spectrum Scale packaged in IBM Elastic Storage Server (CVE-2018-3180)
Summary There is a vulnerability in IBM® SDK Java™ Technology Edition, Version 8 used by IBM Elastic Storage Server. This issue was disclosed as part of the IBM Java SDK updates in Oct 2018. Vulnerability Details CVEID: CVE-2018-3180 DESCRIPTION: An unspecified vulnerability in Oracle Java SE...
Security Bulletin: A vulnerability in IBM WebSphere Application Server affects IBM Spectrum Scale packaged in IBM Elastic Storage Server (CVE-2018-8039)
Summary There is a vulnerability in IBM WebSphere Application Server, used by IBM Spectrum Scale. This issue may allow a remote attacker to conduct a man-in-the-middle attack. Vulnerability Details CVEID: CVE-2018-8039 DESCRIPTION: Apache CXF could allow a remote attacker to conduct a...
Security Bulletin: IBM Spectrum Scale for IBM Elastic Storage Server is affected by the use of Local Read Only Cache (LROC) which may result in directory corruption and undetected data corruption in regular files.
Summary The Elastic Storage Server is affected by a vulnerability in IBM Spectrum Scale where after cached data is moved from memory to the LROC device, any changes to that data should trigger invalidation of the data stored in LROC. Due to a problem with invalidation logic, it is possible for th...
Arbitrary File Overwrite
glusterfs is vulnerable to arbitrary file overwrite attacks. The vulnerability exists as GlusterFS 3.3.0, as used in Red Hat Storage server 2.0, allows local users to overwrite arbitrary files via a symlink attack on temporary files with predictable names...
Security Bulletin: The Elastic Storage Server is affected by a vulnerability in IBM Spectrum Scale (CVE-2018-1782)
Summary The Elastic Storage Server is affected by a vulnerability in IBM Spectrum Scale which could allow a local, unprivileged user to cause a kernel panic on a node running GPFS by accessing a file that is stored on a GPFS file system with mmap, or by executing a crafted file stored on a GPFS...
Security Bulletin: The Elastic Storage Server is affected by a vulnerability in IBM Spectrum Scale (CVE-2018-1783)
Summary The Elastic Storage Server is affected by a vulnerability in IBM Spectrum Scale which could allow an unprivileged, authenticated user with access to a GPFS node to forcefully terminate GPFS and deny access to data available through GPFS CVE-2018-1783. Vulnerability Details CVEID:...
Security Bulletin: A vulnerability in IBM Java SDK affects IBM Spectrum Scale packaged in IBM Elastic Storage Server (CVE-2018-12539)
Summary There is a vulnerability in IBM® SDK Java™ Technology Edition, Version 8 used by IBM Elastic Storage Server. This issue was disclosed as part of the IBM Java SDK updates in July 2018. Vulnerability Details CVEID: CVE-2018-12539 DESCRIPTION: Eclipse OpenJ9 could allow a local attacker to...
glusterfs: Arbitrary file creation on storage server allows for execution of arbitrary code
A flaw was found in RPC request using gfs2createreq in glusterfs server. An authenticated attacker could use this flaw to create arbitrary files and execute arbitrary code on glusterfs server nodes...
Security Bulletin: A vulnerability in IBM Java SDK affects IBM Spectrum Scale packaged in IBM Elastic Storage Server
Summary There is a vulnerability in IBM® SDK Java™ Technology Edition, Version 8 used by IBM Elastic Storage Server. This issue was disclosed as part of the IBM Java SDK updates in April 2018. Vulnerability Details CVEID: CVE-2018-2783 DESCRIPTION: An unspecified vulnerability in Oracle Java SE...
Security Bulletin: The Elastic Storage Server are affected by a vulnerability in IBM Spectrum Scale (CVE-2018-1512)
Summary The Elastic Storage Server are affected by a vulnerability in IBM Spectrum Scale with CES stack enabled that could allow sensitive data to be included with service snaps. This data could be sent to IBM during service engagements CVE-2018-1512 Vulnerability Details CVEID: CVE-2018-1512...
Security Bulletin: The Elastic Storage Server and the GPFS Storage Server are affected by a vulnerability in IBM Spectrum Scale
Summary The Elastic Storage Server and the GPFS Storage Server are affected by a multiple GSKit vulnerability in IBM Spectrum Scale. Vulnerability Details CVEID: CVE-2018-1431 DESCRIPTION: A vulnerability in GSKit affects IBM Spectrum Scale that could allow a local attacker to obtain control of t...
Security Bulletin: The Elastic Storage Server and the GPFS Storage Server are affected by a vulnerability in IBM Spectrum Scale (CVE-2017-1654)
Summary The Elastic Storage Server and the GPFS Storage Server are affected by a vulnerability in IBM Spectrum Scale that could allow a local unprivileged user access to information located in dump files. User data could be sent to IBM during service engagements. Vulnerability Details CVEID:...
Security Bulletin: The Elastic Storage Server and the GPFS Storage Server are affected by a vulnerability in IBM Spectrum Scale (CVE-2017-1304)
Summary Use of IBM Spectrum Scale on an Elastic Storage Server/GPFS Storage Server in an unsupported configuration, where user applications are running on an active ESS I/O server node and utilize direct I/O to perform a read or a write to a Spectrum Scale file, may result in a daemon failure,...
WSO2 Storage Server XSS Vulnerability
WSO2 Storage Server is prone to a cross-site scripting vulnerability. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...
Spoofing
IBM has identified a vulnerability with IBM Spectrum Scale/GPFS utilized on the Elastic Storage Server ESS/GPFS Storage Server GSS during testing of an unsupported configuration, where users applications are running on an active ESS I/O server node and utilize direct I/O to perform a read or a...
RHEL 6 / 7 : Storage Server (RHSA-2017:1395)
An update for libntirpc is now available for Red Hat Gluster Storage 3.2 for RHEL 6 and Red Hat Gluster Storage 3.2 for RHEL 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed...
RHEL 6 / 7 : Storage Server (RHSA-2017:1273) (SambaCry)
An update for samba is now available for Red Hat Gluster Storage 3.2 for RHEL 6 and Red Hat Gluster Storage 3.2 for RHEL 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severi...
Update Rollup 4 for Windows Server Solutions Best Practices Analyzer 1.0 is available
Update Rollup 4 for Windows Server Solutions Best Practices Analyzer 1.0 is available Introduction This article describes Update 4 for Windows Server Solutions Best Practices Analyzer Windows Server Solutions BPA 1.0. Update 4 includes new best practices, and it also resolves several issues...
Red Hat Storage Console Local Information Disclosure Vulnerability
Red Hat Storage server is a storage server for the Gluster cluster file system. A local information disclosure vulnerability exists in Red Hat Storage Console, which can be exploited by an attacker to obtain sensitive information...
WSO2 Carbon Products Detection (HTTP)
HTTP based detection of WSO2 Carbon products. SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only if description...