Spectrum Scale@* Security Vulnerabilities and Issues — Spectrum Scale@* CVE List

Lucene search

IbmSpectrum Scale*

10 matches found

CVE•added 2021/11/16 5:15 p.m.•43 views

CVE-2021-38882

IBM Spectrum Scale 5.1.0 through 5.1.1.1 could allow a privileged admin to destroy filesystem audit logging records before expiration time. IBM X-Force ID: 209164.

4.4CVSS4.4AI score0.0005EPSS

CVE•added 2021/04/27 5:15 p.m.•42 views

CVE-2021-29667

IBM Spectrum Scale 5.0.0 through 5.0.5.6 and 5.1.0 through 5.1.0.2 is potentially vulnerable to CSV Injection. A remote attacker could execute arbitrary commands on the system, caused by improper validation of csv file contents. IBM X-Force ID: 199403.

7.8CVSS7.8AI score0.00313EPSS

CVE•added 2021/06/01 2:15 p.m.•38 views

CVE-2021-29740

IBM Spectrum Scale 5.0.0 through 5.0.5.6 and 5.1.0 through 5.1.0.3 system core component is affected by a format string security vulnerability. An attacker could execute arbitrary code in the context of process memory, potentially escalating their system privileges and taking control over the entir...

8.4CVSS7.7AI score0.00073EPSS

CVE•added 2021/04/27 5:15 p.m.•34 views

CVE-2020-4981

IBM Spectrum Scale 5.0.4.1 through 5.1.0.3 could allow a local privileged user to overwrite files due to improper input validation. IBM X-Force ID: 192541.

6CVSS5.6AI score0.00035EPSS

CVE•added 2021/03/16 2:15 p.m.•33 views

CVE-2020-4851

IBM Spectrum Scale 5.0.0 through 5.0.5.5 and 5.1.0 through 5.1.0.2 could allow a local user to poison log files which could impact support and development efforts. IBM X-Force ID: 190450.

5.5CVSS5.2AI score0.00046EPSS

CVE•added 2021/03/16 2:15 p.m.•32 views

CVE-2020-4890

IBM Spectrum Scale 5.0.0 through 5.0.5.5 and 5.1.0 through 5.1.0.2 could allow a local user with a valid role to the REST API to cause a denial of service due to weak or absense of rate limiting. IBM X-Force ID: 190973.

4.4CVSS4.8AI score0.00041EPSS

CVE•added 2021/03/16 2:15 p.m.•32 views

CVE-2020-4891

IBM Spectrum Scale 5.0.0 through 5.0.5.5 and 5.1.0 through 5.1.0.2 uses an inadequate account lockout setting that could allow a local user er to brute force Rest API account credentials. IBM X-Force ID: 190974.

6.2CVSS5.2AI score0.00038EPSS

CVE•added 2021/04/09 5:15 p.m.•32 views

CVE-2021-29671

IBM Spectrum Scale 5.1.0.1 could allow a local attacker to bypass the filesystem audit logging mechanism when file audit logging is enabled. IBM X-Force ID: 199478.

4CVSS3.8AI score0.00038EPSS

CVE•added 2021/04/27 5:15 p.m.•31 views

CVE-2021-29666

IBM Spectrum Scale 5.0.0 through 5.0.5.6 and 5.1.0 through 5.1.0.2 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session....

5.4CVSS5.5AI score0.00158EPSS

CVE•added 2021/01/26 3:15 p.m.•30 views

CVE-2020-4889

IBM Spectrum Scale 5.0.0 through 5.0.5.4 and 5.1.0 could allow a local user to poison log files which could impact support and development efforts. IBM X-Force ID: 190971.

4CVSS3.8AI score0.00038EPSS