Vulnerabilities > IBM > Spectrum Scale > 5.1.0.1

DATE CVE VULNERABILITY TITLE RISK
2021-04-27 CVE-2020-4981 Improper Input Validation vulnerability in IBM Spectrum Scale
IBM Spectrum Scale 5.0.4.1 through 5.1.0.3 could allow a local privileged user to overwrite files due to improper input validation.
local
low complexity
ibm CWE-20
6.0
2021-04-27 CVE-2021-29667 Improper Neutralization of Formula Elements in a CSV File vulnerability in IBM Spectrum Scale
IBM Spectrum Scale 5.0.0 through 5.0.5.6 and 5.1.0 through 5.1.0.2 is potentially vulnerable to CSV Injection.
local
low complexity
ibm CWE-1236
7.8
2021-04-09 CVE-2021-29671 Unspecified vulnerability in IBM Spectrum Scale 5.1.0.1
IBM Spectrum Scale 5.1.0.1 could allow a local attacker to bypass the filesystem audit logging mechanism when file audit logging is enabled.
local
low complexity
ibm
3.3
2021-03-16 CVE-2020-4891 Improper Restriction of Excessive Authentication Attempts vulnerability in IBM Spectrum Scale
IBM Spectrum Scale 5.0.0 through 5.0.5.5 and 5.1.0 through 5.1.0.2 uses an inadequate account lockout setting that could allow a local user er to brute force Rest API account credentials.
local
low complexity
ibm CWE-307
5.5
2021-03-16 CVE-2020-4890 Unspecified vulnerability in IBM Spectrum Scale
IBM Spectrum Scale 5.0.0 through 5.0.5.5 and 5.1.0 through 5.1.0.2 could allow a local user with a valid role to the REST API to cause a denial of service due to weak or absense of rate limiting.
local
low complexity
ibm
4.4
2021-03-16 CVE-2020-4851 Injection vulnerability in IBM Spectrum Scale
IBM Spectrum Scale 5.0.0 through 5.0.5.5 and 5.1.0 through 5.1.0.2 could allow a local user to poison log files which could impact support and development efforts.
local
low complexity
ibm CWE-74
5.5