Vulnerabilities > IBM > Spectrum Scale > 4.1.1.1

DATE CVE VULNERABILITY TITLE RISK
2016-11-25 CVE-2016-2984 Permissions, Privileges, and Access Controls vulnerability in IBM General Parallel File System and Spectrum Scale
IBM Spectrum Scale 4.1.1.x before 4.1.1.8 and 4.2.x before 4.2.0.4 and General Parallel File System (GPFS) 3.5.x before 3.5.0.32 and 4.1.x before 4.1.1.8 allow local users to gain privileges via crafted command-line parameters to a /usr/lpp/mmfs/bin/ setuid program.
local
ibm CWE-264
6.9
6.9
2016-06-29 CVE-2016-0263 Permissions, Privileges, and Access Controls vulnerability in IBM products
IBM Spectrum Scale 4.1 before 4.1.1.5 and 4.2 before 4.2.0.2 and General Parallel File System 3.5 before 3.5.0.30 allow local users to gain privileges or cause a denial of service via a crafted mmapplypolicy command.
local
low complexity
ibm CWE-264
7.2
7.2
2016-01-27 CVE-2015-7488 Information Exposure vulnerability in IBM Spectrum Scale
IBM Spectrum Scale 4.1.1.x before 4.1.1.4 and 4.2.x before 4.2.0.1, in certain LDAP File protocol configurations, allows remote attackers to discover an LDAP password via unspecified vectors.
local
low complexity
ibm CWE-200
2.1
2.1
2016-01-02 CVE-2015-7403 Local Denial of Service vulnerability in IBM General Parallel File System and Spectrum Scale
IBM Spectrum Scale 4.1.1.x before 4.1.1.3 and General Parallel File System (GPFS) 3.5.x before 3.5.0.29 and 4.1.x through 4.1.0.8 on AIX allow local users to cause a denial of service (incorrect pointer dereference and node crash) via unspecified vectors.
local
low complexity
ibm
2.1
2.1
2016-01-01 CVE-2015-7456 Information Exposure vulnerability in IBM Spectrum Scale
IBM Spectrum Scale 4.1.1 before 4.1.1.4, and 4.2.0.0, allows remote authenticated users to discover object-storage admin passwords via unspecified vectors.
network
low complexity
ibm CWE-200
4.0
4.0
2015-10-26 CVE-2015-4981 Information Exposure vulnerability in IBM General Parallel File System and Spectrum Scale
IBM General Parallel File System (GPFS) 3.5.x before 3.5.0.27 and 4.1.x before 4.1.1.2 and Spectrum Scale 4.1.1.x before 4.1.1.2 allow local users to obtain sensitive information from system memory via unspecified vectors.
local
low complexity
ibm CWE-200
2.1
2.1
2015-10-26 CVE-2015-4974 Command Injection vulnerability in IBM General Parallel File System and Spectrum Scale
IBM General Parallel File System (GPFS) 3.5.x before 3.5.0.27 and 4.1.x before 4.1.1.2 and Spectrum Scale 4.1.1.x before 4.1.1.2 allow local users to obtain root privileges for command execution via unspecified vectors.
local
low complexity
ibm CWE-77
7.2
7.2