CVSS: 6.2EPSS: 0%CPEs: 13EXPL: 0CVE-2017-1304
https://notcve.org/view.php?id=CVE-2017-1304
21 Jun 2017 — IBM has identified a vulnerability with IBM Spectrum Scale/GPFS utilized on the Elastic Storage Server (ESS)/GPFS Storage Server (GSS) during testing of an unsupported configuration, where users applications are running on an active ESS I/O server node and utilize direct I/O to perform a read or a write to a Spectrum Scale file. This vulnerability may result in the use of an incorrect memory address, leading to a Spectrum Scale/GPFS daemon failure with a Signal 11, and possibly leading to denial of service ... • http://www.ibm.com/support/docview.wss?uid=ssg1S1010230 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 8.4EPSS: 0%CPEs: 28EXPL: 0CVE-2016-0392 – IBM GPFS / Spectrum Scale Command Injection
https://notcve.org/view.php?id=CVE-2016-0392
08 Jun 2016 — IBM General Parallel File System (GPFS) in GPFS Storage Server 2.0.0 through 2.0.7 and Elastic Storage Server 2.5.x through 2.5.5, 3.x before 3.5.5, and 4.x before 4.0.3, as distributed in Spectrum Scale RAID, allows local users to gain privileges via a crafted parameter to a setuid program. IBM General Parallel File System (GPFS) en GPFS Storage Server 2.0.0 hasta la versión 2.0.7 y Elastic Storage Server 2.5.x hasta la versión 2.5.5, 3.x en versiones anteriores a 3.5.5 y 4.x en versiones anteriores a 4.0.... • http://packetstormsecurity.com/files/137373/IBM-GPFS-Spectrum-Scale-Command-Injection.html • CWE-284: Improper Access Control •