CVSS: 6.2EPSS: 0%CPEs: 4EXPL: 0CVE-2023-30434 – IBM Storage Scale denial of service
https://notcve.org/view.php?id=CVE-2023-30434
IBM Storage Scale (IBM Spectrum Scale 5.1.0.0 through 5.1.2.9, 5.1.3.0 through 5.1.6.1 and IBM Elastic Storage Systems 6.1.0.0 through 6.1.2.5, 6.1.3.0 through 6.1.6.0) could allow a local user to cause a kernel panic. IBM X-Force ID: 252187. • https://exchange.xforce.ibmcloud.com/vulnerabilities/252187 https://www.ibm.com/support/pages/node/6988363 https://www.ibm.com/support/pages/node/6988365 • CWE-20: Improper Input Validation •
CVSS: 6.5EPSS: 0%CPEs: 5EXPL: 0CVE-2022-43869 – IBM Spectrum Scale denial of service
https://notcve.org/view.php?id=CVE-2022-43869
IBM Spectrum Scale (5.1.0.0 through 5.1.2.8 and 5.1.3.0 through 5.1.5.1) and IBM Elastic Storage System (6.1.0.0 through 6.1.2.4 and 6.1.3.0 through 6.1.4.1) could allow an authenticated user to cause a denial of service through the GUI using a format string attack. IBM X-Force ID: 239539. • https://exchange.xforce.ibmcloud.com/vulnerabilities/239539 https://www.ibm.com/support/pages/node/6909465 https://www.ibm.com/support/pages/node/6909469 • CWE-134: Use of Externally-Controlled Format String •
CVSS: 9.1EPSS: 0%CPEs: 3EXPL: 0CVE-2020-4926
https://notcve.org/view.php?id=CVE-2020-4926
A vulnerability in the Spectrum Scale 5.1 core component and IBM Elastic Storage System 6.1 could allow unauthorized access to user data or injection of arbitrary data in the communication protocol. IBM X-Force ID: 191600. Una vulnerabilidad en el componente core de Spectrum Scale 5.1 e IBM Elastic Storage System 6.1, podría permitir el acceso no autorizado a los datos del usuario o la inyección de datos arbitrarios en el protocolo de comunicación. IBM X-Force ID: 191600 • https://exchange.xforce.ibmcloud.com/vulnerabilities/191600 https://www.ibm.com/support/pages/node/6565399 https://www.ibm.com/support/pages/node/6589109 • CWE-862: Missing Authorization •
CVSS: 7.5EPSS: 0%CPEs: 3EXPL: 0CVE-2020-5015
https://notcve.org/view.php?id=CVE-2020-5015
IBM Elastic Storage System 6.0.0 through 6.0.1.2 and IBM Elastic Storage Server 5.3.0 through 5.3.6.2 could allow a remote attacker to cause a denial of service by sending malformed UDP requests. IBM X-Force ID: 193486. IBM Elastic Storage System versiones 6.0.0 hasta 6.0.1.2 e IBM Elastic Storage Server versiones 5.3.0 hasta 5.3.6.2, podrían permitir a un atacante remoto causar una denegación de servicio mediante el envío de peticiones UDP malformadas. IBM X-Force ID: 193486 • https://exchange.xforce.ibmcloud.com/vulnerabilities/193486 https://www.ibm.com/support/pages/node/6434155 https://www.ibm.com/support/pages/node/6434737 •
CVSS: 8.4EPSS: 0%CPEs: 28EXPL: 0CVE-2016-0392
https://notcve.org/view.php?id=CVE-2016-0392
IBM General Parallel File System (GPFS) in GPFS Storage Server 2.0.0 through 2.0.7 and Elastic Storage Server 2.5.x through 2.5.5, 3.x before 3.5.5, and 4.x before 4.0.3, as distributed in Spectrum Scale RAID, allows local users to gain privileges via a crafted parameter to a setuid program. IBM General Parallel File System (GPFS) en GPFS Storage Server 2.0.0 hasta la versión 2.0.7 y Elastic Storage Server 2.5.x hasta la versión 2.5.5, 3.x en versiones anteriores a 3.5.5 y 4.x en versiones anteriores a 4.0.3, según se distribuye en Spectrum Scale RAID, permite a usuarios locales obtener privilegios a través de un parámetro manipulado en un programa setuid. • http://packetstormsecurity.com/files/137373/IBM-GPFS-Spectrum-Scale-Command-Injection.html http://www-01.ibm.com/support/docview.wss?uid=ssg1S1005875 http://www-01.ibm.com/support/docview.wss?uid=swg1IV84206 http://www.securityfocus.com/archive/1/538620/100/0/threaded http://www.securityfocus.com/bid/91082 http://www.securitytracker.com/id/1036458 • CWE-284: Improper Access Control •