Spectrum Scale Security Vulnerabilities and Issues — Page 2 of Spectrum Scale CVE List

Lucene search

IbmSpectrum Scale

60 matches found

CVE•added 2021/03/16 2:15 p.m.•32 views

CVE-2020-4890

IBM Spectrum Scale 5.0.0 through 5.0.5.5 and 5.1.0 through 5.1.0.2 could allow a local user with a valid role to the REST API to cause a denial of service due to weak or absense of rate limiting. IBM X-Force ID: 190973.

4.4CVSS4.8AI score0.00041EPSS

CVE•added 2021/03/16 2:15 p.m.•32 views

CVE-2020-4891

IBM Spectrum Scale 5.0.0 through 5.0.5.5 and 5.1.0 through 5.1.0.2 uses an inadequate account lockout setting that could allow a local user er to brute force Rest API account credentials. IBM X-Force ID: 190974.

6.2CVSS5.2AI score0.00038EPSS

CVE•added 2021/04/09 5:15 p.m.•32 views

CVE-2021-29671

IBM Spectrum Scale 5.1.0.1 could allow a local attacker to bypass the filesystem audit logging mechanism when file audit logging is enabled. IBM X-Force ID: 199478.

4CVSS3.8AI score0.00038EPSS

CVE•added 2024/02/17 5:15 p.m.•32 views

CVE-2022-41738

IBM Storage Scale Container Native Storage Access 5.1.2.1 -through 5.1.7.0 could allow an attacker to initiate connections to containers from external networks. IBM X-Force ID: 237812.

7.5CVSS7.3AI score0.00042EPSS

CVE•added 2016/01/01 11:59 a.m.•31 views

CVE-2015-7456

IBM Spectrum Scale 4.1.1 before 4.1.1.4, and 4.2.0.0, allows remote authenticated users to discover object-storage admin passwords via unspecified vectors.

6.5CVSS6AI score0.00202EPSS

CVE•added 2020/05/27 2:15 p.m.•31 views

CVE-2020-4358

IBM Spectrum Scale 5.0.0.0 through 5.0.4.4 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 178762.

5.4CVSS5.2AI score0.00236EPSS

CVE•added 2020/10/20 3:15 p.m.•31 views

CVE-2020-4491

IBM Spectrum Scale V4.2.0.0 through V4.2.3.22 and V5.0.0.0 through V5.0.5 could allow a local attacker to cause a denial of service by sending a large number of RPC requests to the mmfsd daemon which would cause the service to crash. IBM X-Force ID: 181991.

5.5CVSS5.3AI score0.00043EPSS

CVE•added 2021/04/27 5:15 p.m.•31 views

CVE-2021-29666

IBM Spectrum Scale 5.0.0 through 5.0.5.6 and 5.1.0 through 5.1.0.2 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session....

5.4CVSS5.5AI score0.00158EPSS

CVE•added 2021/01/26 3:15 p.m.•30 views

CVE-2020-4889

IBM Spectrum Scale 5.0.0 through 5.0.5.4 and 5.1.0 could allow a local user to poison log files which could impact support and development efforts. IBM X-Force ID: 190971.

4CVSS3.8AI score0.00038EPSS

CVE•added 2021/05/20 3:15 p.m.•27 views

CVE-2020-4850

IBM Spectrum Scale 1.1.1.0 through 1.1.8.4 Transparent Cloud Tiering could allow a remote attacker to obtain sensitive information, caused by the leftover files after configuration. IBM X-Force ID: 190298.

7.5CVSS7.2AI score0.00122EPSS

Total number of security vulnerabilities60