Vulnerabilities > IBM > Spectrum Scale > 5.0.3.2
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-10-20 | CVE-2020-4748 | Cross-site Scripting vulnerability in IBM Spectrum Scale IBM Spectrum Scale 5.0.0 through 5.0.5.2 is vulnerable to cross-site scripting. | 4.3 |
| 2020-10-20 | CVE-2020-4491 | Resource Exhaustion vulnerability in IBM Spectrum Scale IBM Spectrum Scale V4.2.0.0 through V4.2.3.22 and V5.0.0.0 through V5.0.5 could allow a local attacker to cause a denial of service by sending a large number of RPC requests to the mmfsd daemon which would cause the service to crash. | 2.1 |
| 2020-08-31 | CVE-2020-4492 | Argument Injection or Modification vulnerability in IBM Spectrum Scale IBM Spectrum Scale V5.0.0.0 through V5.0.4.3 and V4.2.0.0 through V4.2.3.21 could allow a local attacker to cause a denial of service crashing the kernel by sending a subset of ioctls on the device with invalid arguments. | 2.1 |
| 2020-05-27 | CVE-2020-4379 | Use of a Broken or Risky Cryptographic Algorithm vulnerability in IBM Spectrum Scale IBM Spectrum Scale 5.0.0.0 through 5.0.4.4 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. | 5.0 |
| 2020-05-27 | CVE-2020-4378 | Unspecified vulnerability in IBM Spectrum Scale IBM Spectrum Scale 5.0.0.0 through 5.0.4.4 could allow a privileged authenticated user to perform unauthorized actions using a specially crated HTTP POST command. | 4.0 |
| 2020-05-27 | CVE-2020-4358 | Cross-site Scripting vulnerability in IBM Spectrum Scale IBM Spectrum Scale 5.0.0.0 through 5.0.4.4 is vulnerable to cross-site scripting. | 3.5 |
| 2020-05-27 | CVE-2020-4357 | Information Exposure vulnerability in IBM Spectrum Scale IBM Spectrum Scale 5.0.0.0 through 5.0.4.4 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. | 4.0 |
| 2020-05-27 | CVE-2020-4350 | Use of a Broken or Risky Cryptographic Algorithm vulnerability in IBM Spectrum Scale IBM Spectrum Scale 5.0.0.0 through 5.0.4.4 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. | 5.0 |
| 2020-05-27 | CVE-2020-4349 | Use of a Broken or Risky Cryptographic Algorithm vulnerability in IBM Spectrum Scale IBM Spectrum Scale 5.0.0.0 through 5.0.4.4 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. | 5.0 |
| 2020-05-27 | CVE-2020-4348 | Incorrect Authorization vulnerability in IBM Spectrum Scale IBM Spectrum Scale 4.2.0.0 through 4.2.3.21 and 5.0.0.0 through 5.0.4.4 could allow an authenticated GUI user to perform unauthorized actions due to missing function level access control. | 4.0 |