Vulnerabilities > IBM > Spectrum Scale

DATE CVE VULNERABILITY TITLE RISK
2023-12-14 CVE-2022-43843 Unspecified vulnerability in IBM Spectrum Scale 5.1.5.0/5.1.5.1
IBM Spectrum Scale 5.1.5.0 through 5.1.5.1 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information.
network
low complexity
ibm
7.5
2023-05-05 CVE-2023-30434 Unspecified vulnerability in IBM Elastic Storage System and Spectrum Scale
IBM Storage Scale (IBM Spectrum Scale 5.1.0.0 through 5.1.2.9, 5.1.3.0 through 5.1.6.1 and IBM Elastic Storage Systems 6.1.0.0 through 6.1.2.5, 6.1.3.0 through 6.1.6.0) could allow a local user to cause a kernel panic.
local
low complexity
ibm
5.5
2023-03-15 CVE-2020-4927 Unspecified vulnerability in IBM Spectrum Scale
A vulnerability in the Spectrum Scale 5.0.5.0 through 5.1.6.1 core component could allow unauthorized access to user data or injection of arbitrary data in the communication protocol.
network
low complexity
ibm
8.2
2023-02-12 CVE-2022-43869 Unspecified vulnerability in IBM Elastic Storage System and Spectrum Scale
IBM Spectrum Scale (5.1.0.0 through 5.1.2.8 and 5.1.3.0 through 5.1.5.1) and IBM Elastic Storage System (6.1.0.0 through 6.1.2.4 and 6.1.3.0 through 6.1.4.1) could allow an authenticated user to cause a denial of service through the GUI using a format string attack.
network
low complexity
ibm
6.5
2022-12-19 CVE-2022-40607 Path Traversal vulnerability in IBM Spectrum Scale
IBM Spectrum Scale 5.1 could allow users with permissions to create pod, persistent volume and persistent volume claim to access files and directories outside of the volume, including on the host filesystem.
network
low complexity
ibm CWE-22
6.8
2022-05-24 CVE-2020-4926 Missing Authorization vulnerability in IBM Elastic Storage System and Spectrum Scale
A vulnerability in the Spectrum Scale 5.1 core component and IBM Elastic Storage System 6.1 could allow unauthorized access to user data or injection of arbitrary data in the communication protocol.
network
low complexity
ibm CWE-862
critical
9.1
2022-05-03 CVE-2022-22368 Inadequate Encryption Strength vulnerability in IBM Spectrum Scale
IBM Spectrum Scale 5.1.0 through 5.1.3.0 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information.
network
low complexity
ibm CWE-326
7.5
2022-03-01 CVE-2020-4925 Unspecified vulnerability in IBM Spectrum Scale 5.0.0/5.1.0
A security vulnerability in the Spectrum Scale 5.0 and 5.1 allows a non-root user to overflow the mmfsd daemon with requests and preventing the daemon to service other requests.
local
low complexity
ibm
5.5
2021-11-16 CVE-2021-38882 Unspecified vulnerability in IBM Spectrum Scale
IBM Spectrum Scale 5.1.0 through 5.1.1.1 could allow a privileged admin to destroy filesystem audit logging records before expiration time.
local
low complexity
ibm
4.4
2021-06-01 CVE-2021-29740 Use of Externally-Controlled Format String vulnerability in IBM Spectrum Scale
IBM Spectrum Scale 5.0.0 through 5.0.5.6 and 5.1.0 through 5.1.0.3 system core component is affected by a format string security vulnerability.
local
low complexity
ibm CWE-134
7.8