Spectrum Scale Security Vulnerabilities and Issues — Spectrum Scale CVE List

Lucene search

IbmSpectrum Scale

10 matches found

CVE•added 2019/05/13 4:29 p.m.•561 views

CVE-2019-4259

A security vulnerability has been identified in IBM Spectrum Scale 4.1.1, 4.2.0, 4.2.1, 4.2.2, 4.2.3, and 5.0.0 with CES stack enabled that could allow sensitive data to be included with service snaps. IBM X-Force ID: 160011.

5.5CVSS5.3AI score0.00044EPSS

CVE•added 2020/10/20 3:15 p.m.•43 views

CVE-2020-4755

IBM Spectrum Scale 5.0.0 through 5.0.5.2 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 188595.

5.4CVSS5.4AI score0.00179EPSS

CVE•added 2016/01/27 5:59 a.m.•37 views

CVE-2015-7488

IBM Spectrum Scale 4.1.1.x before 4.1.1.4 and 4.2.x before 4.2.0.1, in certain LDAP File protocol configurations, allows remote attackers to discover an LDAP password via unspecified vectors.

5.9CVSS5.6AI score0.00081EPSS

CVE•added 2020/05/19 2:15 p.m.•34 views

CVE-2020-4412

The Spectrum Scale 4.2.0.0 through 4.2.3.21 and 5.0.0.0 through 5.0.4.3 file system component is affected by a denial of service security vulnerability. An attacker can force the Spectrum Scale mmfsd/mmsdrserv daemons to unexpectedly exit, impacting the functionality of the Spectrum Scale cluster a...

5.3CVSS5.3AI score0.00316EPSS

CVE•added 2019/12/11 3:15 p.m.•33 views

CVE-2019-4665

IBM Spectrum Scale 4.2 and 5.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 171247.

5.4CVSS5.2AI score0.00186EPSS

CVE•added 2021/03/16 2:15 p.m.•33 views

CVE-2020-4851

IBM Spectrum Scale 5.0.0 through 5.0.5.5 and 5.1.0 through 5.1.0.2 could allow a local user to poison log files which could impact support and development efforts. IBM X-Force ID: 190450.

5.5CVSS5.2AI score0.00046EPSS

CVE•added 2018/10/05 1:29 p.m.•31 views

CVE-2018-1783

IBM GPFS (IBM Spectrum Scale 4.1.1.0, 4.1.1.20, 4.2.0.0, 4.2.3.10, 5.0.0 and 5.0.1.2) command line utility allows an unprivileged, authenticated user with access to a GPFS node to forcefully terminate GPFS and deny access to data available through GPFS. IBM X-Force ID: 148806.

5.5CVSS5.2AI score0.0005EPSS

CVE•added 2020/05/27 2:15 p.m.•31 views

CVE-2020-4358

IBM Spectrum Scale 5.0.0.0 through 5.0.4.4 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 178762.

5.4CVSS5.2AI score0.00236EPSS

CVE•added 2020/10/20 3:15 p.m.•31 views

CVE-2020-4491

IBM Spectrum Scale V4.2.0.0 through V4.2.3.22 and V5.0.0.0 through V5.0.5 could allow a local attacker to cause a denial of service by sending a large number of RPC requests to the mmfsd daemon which would cause the service to crash. IBM X-Force ID: 181991.

5.5CVSS5.3AI score0.00043EPSS

CVE•added 2021/04/27 5:15 p.m.•31 views

CVE-2021-29666

IBM Spectrum Scale 5.0.0 through 5.0.5.6 and 5.1.0 through 5.1.0.2 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session....

5.4CVSS5.5AI score0.00158EPSS