Vulnerabilities > IBM > General Parallel File System > 3.5

DATE CVE VULNERABILITY TITLE RISK
2016-08-08 CVE-2016-0361 Information Disclosure vulnerability in IBM Spectrum Scale
IBM General Parallel File System (GPFS) 3.5 before 3.5.0.29 efix 6 and 4.1.1 before 4.1.1.4 efix 9, when the Spectrum Scale GUI is used with DB2 on Linux, UNIX and Windows, allows remote authenticated users to obtain sensitive information via unspecified vectors, as demonstrated by discovering ADMIN passwords.
network
low complexity
ibm
4.0
4.0
2016-01-02 CVE-2015-7403 Local Denial of Service vulnerability in IBM General Parallel File System and Spectrum Scale
IBM Spectrum Scale 4.1.1.x before 4.1.1.3 and General Parallel File System (GPFS) 3.5.x before 3.5.0.29 and 4.1.x through 4.1.0.8 on AIX allow local users to cause a denial of service (incorrect pointer dereference and node crash) via unspecified vectors.
local
low complexity
ibm
2.1
2.1
2015-10-26 CVE-2015-4981 Information Exposure vulnerability in IBM General Parallel File System and Spectrum Scale
IBM General Parallel File System (GPFS) 3.5.x before 3.5.0.27 and 4.1.x before 4.1.1.2 and Spectrum Scale 4.1.1.x before 4.1.1.2 allow local users to obtain sensitive information from system memory via unspecified vectors.
local
low complexity
ibm CWE-200
2.1
2.1
2015-10-26 CVE-2015-4974 Command Injection vulnerability in IBM General Parallel File System and Spectrum Scale
IBM General Parallel File System (GPFS) 3.5.x before 3.5.0.27 and 4.1.x before 4.1.1.2 and Spectrum Scale 4.1.1.x before 4.1.1.2 allow local users to obtain root privileges for command execution via unspecified vectors.
local
low complexity
ibm CWE-77
7.2
7.2
2015-03-24 CVE-2015-0199 Resource Management Errors vulnerability in IBM General Parallel File System 3.4/3.5/4.1
The mmfslinux kernel module in IBM General Parallel File System (GPFS) 3.4 before 3.4.0.32, 3.5 before 3.5.0.24, and 4.1 before 4.1.0.7 allows local users to cause a denial of service (memory corruption) via unspecified character-device ioctl calls.
local
low complexity
ibm CWE-399
4.9
4.9
2015-03-24 CVE-2015-0198 Improper Authentication vulnerability in IBM General Parallel File System 3.4/3.5/4.1
IBM General Parallel File System (GPFS) 3.4 before 3.4.0.32, 3.5 before 3.5.0.24, and 4.1 before 4.1.0.7 in certain cipherList configurations allows remote attackers to bypass authentication and execute arbitrary programs as root via unspecified vectors.
network
low complexity
ibm CWE-287
critical
 10.0
10
2015-03-24 CVE-2015-0197 Permissions, Privileges, and Access Controls vulnerability in IBM General Parallel File System 3.4/3.5/4.1
IBM General Parallel File System (GPFS) 3.4 before 3.4.0.32, 3.5 before 3.5.0.24, and 4.1 before 4.1.0.7 allows local users to obtain root privileges for program execution via unspecified vectors.
local
low complexity
ibm CWE-264
7.2
7.2