4 results (0.004 seconds)

CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 0

IBM Spectrum Scale 5.1.5.0 through 5.1.5.1 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 239080. IBM Spectrum Scale 5.1.5.0 a 5.1.5.1 utiliza algoritmos criptográficos más débiles de lo esperado que podrían permitir a un atacante descifrar información altamente confidencial. ID de IBM X-Force: 239080. • https://exchange.xforce.ibmcloud.com/vulnerabilities/239080 https://https://www.ibm.com/support/pages/node/7094941 https://www.ibm.com/support/pages/node/7094941 • CWE-327: Use of a Broken or Risky Cryptographic Algorithm •

CVSS: 6.2EPSS: 0%CPEs: 4EXPL: 0

IBM Storage Scale (IBM Spectrum Scale 5.1.0.0 through 5.1.2.9, 5.1.3.0 through 5.1.6.1 and IBM Elastic Storage Systems 6.1.0.0 through 6.1.2.5, 6.1.3.0 through 6.1.6.0) could allow a local user to cause a kernel panic. IBM X-Force ID: 252187. • https://exchange.xforce.ibmcloud.com/vulnerabilities/252187 https://www.ibm.com/support/pages/node/6988363 https://www.ibm.com/support/pages/node/6988365 • CWE-20: Improper Input Validation •

CVSS: 8.2EPSS: 0%CPEs: 1EXPL: 0

A vulnerability in the Spectrum Scale 5.0.5.0 through 5.1.6.1 core component could allow unauthorized access to user data or injection of arbitrary data in the communication protocol. IBM X-Force ID: 191695. • https://exchange.xforce.ibmcloud.com/vulnerabilities/191695 https://www.ibm.com/support/pages/node/6960571 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •

CVSS: 6.5EPSS: 0%CPEs: 5EXPL: 0

IBM Spectrum Scale (5.1.0.0 through 5.1.2.8 and 5.1.3.0 through 5.1.5.1) and IBM Elastic Storage System (6.1.0.0 through 6.1.2.4 and 6.1.3.0 through 6.1.4.1) could allow an authenticated user to cause a denial of service through the GUI using a format string attack. IBM X-Force ID: 239539. • https://exchange.xforce.ibmcloud.com/vulnerabilities/239539 https://www.ibm.com/support/pages/node/6909465 https://www.ibm.com/support/pages/node/6909469 • CWE-134: Use of Externally-Controlled Format String •