Vulnerabilities > IBM > Spectrum Scale > 5.0.4.4
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2020-10-20 | CVE-2020-4749 | Reliance on Cookies without Validation and Integrity Checking vulnerability in IBM Spectrum Scale IBM Spectrum Scale 5.0.0 through 5.0.5.2 does not set the secure attribute on authorization tokens or session cookies. | 4.3 |
2020-10-20 | CVE-2020-4748 | Cross-site Scripting vulnerability in IBM Spectrum Scale IBM Spectrum Scale 5.0.0 through 5.0.5.2 is vulnerable to cross-site scripting. | 4.3 |
2020-10-20 | CVE-2020-4491 | Resource Exhaustion vulnerability in IBM Spectrum Scale IBM Spectrum Scale V4.2.0.0 through V4.2.3.22 and V5.0.0.0 through V5.0.5 could allow a local attacker to cause a denial of service by sending a large number of RPC requests to the mmfsd daemon which would cause the service to crash. | 2.1 |
2020-05-27 | CVE-2020-4379 | Use of a Broken or Risky Cryptographic Algorithm vulnerability in IBM Spectrum Scale IBM Spectrum Scale 5.0.0.0 through 5.0.4.4 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. | 5.0 |
2020-05-27 | CVE-2020-4378 | Unspecified vulnerability in IBM Spectrum Scale IBM Spectrum Scale 5.0.0.0 through 5.0.4.4 could allow a privileged authenticated user to perform unauthorized actions using a specially crated HTTP POST command. | 4.0 |
2020-05-27 | CVE-2020-4358 | Cross-site Scripting vulnerability in IBM Spectrum Scale IBM Spectrum Scale 5.0.0.0 through 5.0.4.4 is vulnerable to cross-site scripting. | 3.5 |
2020-05-27 | CVE-2020-4357 | Information Exposure vulnerability in IBM Spectrum Scale IBM Spectrum Scale 5.0.0.0 through 5.0.4.4 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. | 4.0 |
2020-05-27 | CVE-2020-4350 | Use of a Broken or Risky Cryptographic Algorithm vulnerability in IBM Spectrum Scale IBM Spectrum Scale 5.0.0.0 through 5.0.4.4 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. | 5.0 |
2020-05-27 | CVE-2020-4349 | Use of a Broken or Risky Cryptographic Algorithm vulnerability in IBM Spectrum Scale IBM Spectrum Scale 5.0.0.0 through 5.0.4.4 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. | 5.0 |
2020-05-27 | CVE-2020-4348 | Incorrect Authorization vulnerability in IBM Spectrum Scale IBM Spectrum Scale 4.2.0.0 through 4.2.3.21 and 5.0.0.0 through 5.0.4.4 could allow an authenticated GUI user to perform unauthorized actions due to missing function level access control. | 4.0 |