Lucene search
+L
IbmGeneral Parallel File System

14 matches found

CVE
CVE
added 2015/03/24 1:0 a.m.75 views

CVE-2015-0198

CVE-2015-0198 affects IBM GPFS (V3.4/V3.5/V4.1) where cipherList configurations could allow remote authentication bypass and root-level code execution. IBM advisories and GPFS security bulletins detail affected versions and provide fixes: upgrade GPFS to 4.1.0.7, 3.5.0.24, or 3.4.0.32 as appropri...

10CVSS7.3AI score0.04156EPSS
CVE
CVE
added 2015/03/24 1:0 a.m.72 views

CVE-2015-0199

CVE-2015-0199 concerns IBM General Parallel File System (GPFS). The vulnerability arises from the mmfslinux kernel module: a local attacker can cause kernel memory corruption and a denial of service by issuing specific ioctl calls to a character device. Affected GPFS versions are 3.4.x before 3.4...

4.9CVSS5.8AI score0.00388EPSS
CVE
CVE
added 2015/03/24 1:0 a.m.71 views

CVE-2015-0197

CVE-2015-0197, CVE-2015-0198, and CVE-2015-0199 pertain to IBM GPFS (General Parallel File System) across GPFS 3.4/3.5/4.1 and related IBM products. The initial sources describe: CVE-2015-0197: local attacker with non-privileged account can execute programs with root privileges (vector: local). A...

7.2CVSS6AI score0.00454EPSS
CVE
CVE
added 2018/06/13 2:0 p.m.60 views

CVE-2018-1431

CVE-2018-1431 is a GSKit vulnerability affecting IBM Spectrum Scale components (notably GPFS-based deployments) that could allow a local attacker to gain control of the Spectrum Scale daemon and read/modify files, potentially elevating privileges. Connected IBM bulletins enumerate affected releas...

7.8CVSS8.1AI score0.00376EPSS
CVE
CVE
added 2017/02/01 10:0 p.m.57 views

CVE-2016-6115

CVE-2016-6115 affects IBM GPFS/Spectrum Scale (e.g., Elastic Storage Server and GPFS Storage Server). The vulnerability is a buffer overflow in IBM General Parallel File System that could be triggered by a remote authenticated attacker, allowing arbitrary code execution with root privileges or ca...

9CVSS7.3AI score0.03954EPSS
CVE
CVE
added 2018/03/02 5:0 p.m.57 views

CVE-2017-1654

This CVE (CVE-2017-1654) affects IBM Spectrum Scale: affected versions include 4.1.1, 4.2.0–4.2.3 and 5.0.0, where a local unprivileged user could access information stored in dump/trace files. The IBM bulletins describe that dump contents, including user data, could be written to recovery logs o...

4CVSS3.4AI score0.00383EPSS
CVE
CVE
added 2015/10/26 1:0 a.m.56 views

CVE-2015-4974

CVE-2015-4974 affects IBM GPFS/Spectrum Scale: local attacker could execute commands with root privileges. A related issue, CVE-2015-4981, could allow reading system memory contents. Affected products include GPFS 3.5.x before 3.5.0.27, GPFS 4.1.x before 4.1.1.2, and Spectrum Scale 4.1.1.x before...

7.2CVSS4.2AI score0.00585EPSS
CVE
CVE
added 2015/10/26 1:0 a.m.55 views

CVE-2015-4981

CVE-2015-4981 is described in IBM security advisories as a local memory-read vulnerability in IBM GPFS/Spectrum Scale. The issue allows a local, non-privileged attacker to read system memory contents via GPFS components across affected releases. Affected products/versions include IBM GPFS (now IB...

2.1CVSS3.7AI score0.00382EPSS
CVE
CVE
added 2016/01/02 9:0 p.m.55 views

CVE-2015-7403

CVE-2015-7403 affects IBM Spectrum Scale (GPFS) on AIX, with vulnerable components including Spectrum Scale 4.1.x (before 4.1.1.3) and GPFS 3.5.x and 4.1.x (before 4.1.0.8/3.5.0.29). Root cause described as a local denial-of-service due to a user pointer dereference that can crash the node. Affec...

4CVSS4.1AI score0.00362EPSS
CVE
CVE
added 2016/11/25 3:38 a.m.51 views

CVE-2016-2984

CVE-2016-2984 affects IBM Spectrum Scale/GPFS: local users can gain root privileges via crafted command-line parameters to a setuid binary in /usr/lpp/mmfs/bin. Affected versions include GPFS 3.5.x before 3.5.0.32, GPFS 4.1.x before 4.1.1.8, Spectrum Scale 4.1.1.x before 4.1.1.8, and 4.2.x before...

7CVSS6.7AI score0.00296EPSS
Web
CVE
CVE
added 2014/02/04 2:0 a.m.50 views

CVE-2014-0834

CVE-2014-0834 affects IBM General Parallel File System (GPFS). Affected versions: GPFS 3.4 up to 3.4.0.27 and 3.5 up to 3.5.0.16. Description: an authenticated, non-root attacker could cause a denial of service (GPFS daemon crash) by passing certain crafted arguments to a setuid program, potentia...

4CVSS6.3AI score0.01187EPSS
CVE
CVE
added 2016/11/25 3:38 a.m.46 views

CVE-2016-2985

CVE-2016-2985 affects IBM Spectrum Scale/GPFS where a local attacker can gain root privileges by manipulating environment variables processed by setuid executables under /usr/lpp/mmfs/bin. Affected products/versions include IBM Spectrum Scale V4.2.0.x before 4.2.0.4, V4.1.1.x before 4.1.1.8, and ...

7CVSS6.7AI score0.00296EPSS
CVE
CVE
added 2016/08/08 1:0 a.m.45 views

CVE-2016-0361

IBM Spectrum Scale (GPFS) vulnerable when the Spectrum Scale GUI is used with DB2; remote authenticated users could disclose ADMIN passwords due to a flaw in the GUI interaction. Affected products include Elastic Storage Server and GPFS Storage Server configurations across multiple releases (e.g....

6.5CVSS6.1AI score0.01815EPSS
CVE
CVE
added 2015/04/06 12:0 a.m.42 views

CVE-2015-1890

CVE-2015-1890 affects IBM GPFS (General Parallel File System). A gpfs.snap diagnostic archive (created by /usr/lpp/mmfs/bin/gpfs.snap) may contain private TLS keys used for daemon communications, exposing possibility of impersonation/decryption if an attacker can access the archive. Affected GPFS...

3.5CVSS6AI score0.00988EPSS