Spectrum Scale Security Vulnerabilities and Issues — Spectrum Scale CVE List

Lucene search

IbmSpectrum Scale

9 matches found

CVE•added 2020/05/19 2:15 p.m.•42 views

CVE-2020-4411

The Spectrum Scale 4.2.0.0 through 4.2.3.21 and 5.0.0.0 through 5.0.4.3 file system component is affected by a denial of service vulnerability in its kernel module that could allow an attacker to cause a denial of service condition on the affected system. To exploit this vulnerability, a local atta...

7.1CVSS6.3AI score0.00043EPSS

CVE•added 2020/05/27 2:15 p.m.•36 views

CVE-2020-4350

IBM Spectrum Scale 5.0.0.0 through 5.0.4.4 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 178424.

7.5CVSS7.2AI score0.00112EPSS

CVE•added 2020/05/27 2:15 p.m.•36 views

CVE-2020-4379

IBM Spectrum Scale 5.0.0.0 through 5.0.4.4 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 179158.

7.5CVSS7.2AI score0.00112EPSS

CVE•added 2020/05/27 2:15 p.m.•35 views

CVE-2020-4348

IBM Spectrum Scale 4.2.0.0 through 4.2.3.21 and 5.0.0.0 through 5.0.4.4 could allow an authenticated GUI user to perform unauthorized actions due to missing function level access control. IBM X-Force ID: 178414

6.5CVSS6.2AI score0.00102EPSS

CVE•added 2020/05/27 2:15 p.m.•34 views

CVE-2020-4357

IBM Spectrum Scale 5.0.0.0 through 5.0.4.4 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This information could be used in further attacks against the system. IBM X-Force ID: 178761.

4.3CVSS4.1AI score0.00104EPSS

CVE•added 2020/05/19 2:15 p.m.•34 views

CVE-2020-4412

The Spectrum Scale 4.2.0.0 through 4.2.3.21 and 5.0.0.0 through 5.0.4.3 file system component is affected by a denial of service security vulnerability. An attacker can force the Spectrum Scale mmfsd/mmsdrserv daemons to unexpectedly exit, impacting the functionality of the Spectrum Scale cluster a...

5.3CVSS5.3AI score0.00316EPSS

CVE•added 2020/05/27 2:15 p.m.•33 views

CVE-2020-4349

IBM Spectrum Scale 5.0.0.0 through 5.0.4.4 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 178423.

7.5CVSS7.2AI score0.00112EPSS

CVE•added 2020/05/27 2:15 p.m.•33 views

CVE-2020-4378

IBM Spectrum Scale 5.0.0.0 through 5.0.4.4 could allow a privileged authenticated user to perform unauthorized actions using a specially crated HTTP POST command. IBM X-Force ID: 179157.

4.9CVSS4.7AI score0.00136EPSS

CVE•added 2020/05/27 2:15 p.m.•31 views

CVE-2020-4358

IBM Spectrum Scale 5.0.0.0 through 5.0.4.4 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 178762.

5.4CVSS5.2AI score0.00236EPSS