Vulnerabilities > IBM > Spectrum Scale > 5.0.0.0

DATE CVE VULNERABILITY TITLE RISK
2020-05-27 CVE-2020-4379 Use of a Broken or Risky Cryptographic Algorithm vulnerability in IBM Spectrum Scale
IBM Spectrum Scale 5.0.0.0 through 5.0.4.4 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information.
network
low complexity
ibm CWE-327
7.5
7.5
2020-05-27 CVE-2020-4378 Unspecified vulnerability in IBM Spectrum Scale
IBM Spectrum Scale 5.0.0.0 through 5.0.4.4 could allow a privileged authenticated user to perform unauthorized actions using a specially crated HTTP POST command.
network
low complexity
ibm
4.9
4.9
2020-05-27 CVE-2020-4358 Cross-site Scripting vulnerability in IBM Spectrum Scale
IBM Spectrum Scale 5.0.0.0 through 5.0.4.4 is vulnerable to cross-site scripting.
network
low complexity
ibm CWE-79
5.4
5.4
2020-05-27 CVE-2020-4357 Information Exposure Through an Error Message vulnerability in IBM Spectrum Scale
IBM Spectrum Scale 5.0.0.0 through 5.0.4.4 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser.
network
low complexity
ibm CWE-209
4.3
4.3
2020-05-27 CVE-2020-4350 Use of a Broken or Risky Cryptographic Algorithm vulnerability in IBM Spectrum Scale
IBM Spectrum Scale 5.0.0.0 through 5.0.4.4 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information.
network
low complexity
ibm CWE-327
7.5
7.5
2020-05-27 CVE-2020-4349 Use of a Broken or Risky Cryptographic Algorithm vulnerability in IBM Spectrum Scale
IBM Spectrum Scale 5.0.0.0 through 5.0.4.4 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information.
network
low complexity
ibm CWE-327
7.5
7.5
2020-05-27 CVE-2020-4348 Missing Authorization vulnerability in IBM Spectrum Scale
IBM Spectrum Scale 4.2.0.0 through 4.2.3.21 and 5.0.0.0 through 5.0.4.4 could allow an authenticated GUI user to perform unauthorized actions due to missing function level access control.
network
low complexity
ibm CWE-862
6.5
6.5
2020-05-19 CVE-2020-4412 Unspecified vulnerability in IBM Spectrum Scale
The Spectrum Scale 4.2.0.0 through 4.2.3.21 and 5.0.0.0 through 5.0.4.3 file system component is affected by a denial of service security vulnerability.
network
low complexity
ibm
5.3
5.3
2020-05-19 CVE-2020-4411 Improper Input Validation vulnerability in IBM Spectrum Scale
The Spectrum Scale 4.2.0.0 through 4.2.3.21 and 5.0.0.0 through 5.0.4.3 file system component is affected by a denial of service vulnerability in its kernel module that could allow an attacker to cause a denial of service condition on the affected system.
local
low complexity
ibm CWE-20
7.1
7.1
2020-04-03 CVE-2020-4273 Unspecified vulnerability in IBM Spectrum Scale
IBM Spectrum Scale 4.2 and 5.0 could allow a local unprivileged attacker with intimate knowledge of the enviornment to execute commands as root using specially crafted input.
local
low complexity
ibm
7.8
7.8