5 matches found
Security Bulletin: IBM General Parallel File System V4.1 is affected by a security vulnerability (CVE-2015-1890)
Summary A security vulnerability has been identified in GPFS V4.1 where the private key of TLS client certificates used by GPFS nodes may be contained in a gpfs.snap file CVE-2015-1890. Vulnerability Details CVEID: CVE-2015-1890 DESCRIPTION: IBM General Parallel File System could allow someone wh...
Security Bulletin: A security vulnerability has been identified in IBM® General Parallel File System shipped with IBM PureData System for Operational Analytics (CVE-2015-1890)
Summary IBM General Parallel File System is shipped as a component of IBM PureData System for Operational Analytics. Information about a security vulnerability affecting IBM General Parallel File System has been published in a security bulletin. Vulnerability Details CVEID: CVE-2015-1890...
Security Bulletin: IBM PureApplication System is affected by a security vulnerability. (CVE-2015-1890)
Summary A security vulnerability have been identified in the General Parallel File System gpfs.snap service tool that affects IBM PureApplication System. Vulnerability Details CVEID: CVE-2015-1890 DESCRIPTION: IBM General Parallel File System could allow someone who has access to a snap file...
CVE-2015-1890
/usr/lpp/mmfs/bin/gpfs.snap in IBM General Parallel File System GPFS 4.1 before 4.1.0.7 produces an archive potentially containing cleartext keys, and lacks a warning about reviewing this archive to detect included keys, which might allow remote attackers to obtain sensitive information by...
CVE-2015-1890
CVE-2015-1890 affects IBM GPFS (General Parallel File System). A gpfs.snap diagnostic archive (created by /usr/lpp/mmfs/bin/gpfs.snap) may contain private TLS keys used for daemon communications, exposing possibility of impersonation/decryption if an attacker can access the archive. Affected GPFS...