Vulnerabilities > IBM > Spectrum Scale > 5.0.0
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-12-19 | CVE-2022-40607 | Path Traversal vulnerability in IBM Spectrum Scale IBM Spectrum Scale 5.1 could allow users with permissions to create pod, persistent volume and persistent volume claim to access files and directories outside of the volume, including on the host filesystem. | 6.8 |
| 2022-05-24 | CVE-2020-4926 | Missing Authorization vulnerability in IBM Elastic Storage System and Spectrum Scale A vulnerability in the Spectrum Scale 5.1 core component and IBM Elastic Storage System 6.1 could allow unauthorized access to user data or injection of arbitrary data in the communication protocol. | 9.1 |
| 2022-03-01 | CVE-2020-4925 | Unspecified vulnerability in IBM Spectrum Scale 5.0.0/5.1.0 A security vulnerability in the Spectrum Scale 5.0 and 5.1 allows a non-root user to overflow the mmfsd daemon with requests and preventing the daemon to service other requests. | 5.5 |
| 2021-04-27 | CVE-2021-29666 | Cross-site Scripting vulnerability in IBM Spectrum Scale IBM Spectrum Scale 5.0.0 through 5.0.5.6 and 5.1.0 through 5.1.0.2 is vulnerable to cross-site scripting. | 5.4 |
| 2021-04-27 | CVE-2021-29667 | Improper Neutralization of Formula Elements in a CSV File vulnerability in IBM Spectrum Scale IBM Spectrum Scale 5.0.0 through 5.0.5.6 and 5.1.0 through 5.1.0.2 is potentially vulnerable to CSV Injection. | 7.8 |
| 2021-01-26 | CVE-2020-4889 | Unspecified vulnerability in IBM Spectrum Scale IBM Spectrum Scale 5.0.0 through 5.0.5.4 and 5.1.0 could allow a local user to poison log files which could impact support and development efforts. | 3.3 |