Vulnerabilities > IBM > Spectrum Scale > High
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2023-12-14 | CVE-2022-43843 | Use of a Broken or Risky Cryptographic Algorithm vulnerability in IBM Spectrum Scale 5.1.5.0/5.1.5.1 IBM Spectrum Scale 5.1.5.0 through 5.1.5.1 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. | 7.5 |
2023-03-15 | CVE-2020-4927 | Unspecified vulnerability in IBM Spectrum Scale A vulnerability in the Spectrum Scale 5.0.5.0 through 5.1.6.1 core component could allow unauthorized access to user data or injection of arbitrary data in the communication protocol. | 8.2 |
2021-06-01 | CVE-2021-29740 | Use of Externally-Controlled Format String vulnerability in IBM Spectrum Scale IBM Spectrum Scale 5.0.0 through 5.0.5.6 and 5.1.0 through 5.1.0.3 system core component is affected by a format string security vulnerability. | 7.2 |
2019-10-09 | CVE-2019-4558 | Injection vulnerability in IBM Spectrum Scale A security vulnerability has been identified in all levels of IBM Spectrum Scale V5.0.0.0 through V5.0.3.2 and IBM Spectrum Scale V4.2.0.0 through V4.2.3.17 that could allow a local attacker to obtain root privilege by injecting parameters into setuid files. | 7.2 |
2016-06-29 | CVE-2016-0263 | Permissions, Privileges, and Access Controls vulnerability in IBM products IBM Spectrum Scale 4.1 before 4.1.1.5 and 4.2 before 4.2.0.2 and General Parallel File System 3.5 before 3.5.0.30 allow local users to gain privileges or cause a denial of service via a crafted mmapplypolicy command. | 7.2 |
2015-10-26 | CVE-2015-4974 | Command Injection vulnerability in IBM General Parallel File System and Spectrum Scale IBM General Parallel File System (GPFS) 3.5.x before 3.5.0.27 and 4.1.x before 4.1.1.2 and Spectrum Scale 4.1.1.x before 4.1.1.2 allow local users to obtain root privileges for command execution via unspecified vectors. | 7.2 |