Vulnerabilities > IBM > Spectrum Scale > 4.2.3.12
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-12-11 | CVE-2019-4715 | OS Command Injection vulnerability in IBM Spectrum Scale IBM Spectrum Scale 4.2 and 5.0 could allow a remote authenticated attacker to execute arbitrary commands on the system. | 8.8 |
| 2019-12-11 | CVE-2019-4665 | Cross-site Scripting vulnerability in IBM Spectrum Scale IBM Spectrum Scale 4.2 and 5.0 is vulnerable to cross-site scripting. | 5.4 |
| 2019-10-09 | CVE-2019-4558 | Injection vulnerability in IBM Spectrum Scale A security vulnerability has been identified in all levels of IBM Spectrum Scale V5.0.0.0 through V5.0.3.2 and IBM Spectrum Scale V4.2.0.0 through V4.2.3.17 that could allow a local attacker to obtain root privilege by injecting parameters into setuid files. | 7.8 |
| 2019-05-13 | CVE-2019-4259 | Unspecified vulnerability in IBM Spectrum Scale A security vulnerability has been identified in IBM Spectrum Scale 4.1.1, 4.2.0, 4.2.1, 4.2.2, 4.2.3, and 5.0.0 with CES stack enabled that could allow sensitive data to be included with service snaps. | 5.5 |