Vulnerability CVE-2016-0361
Published: 2016-08-07   Modified: 2016-08-08

Description:
IBM General Parallel File System (GPFS) 3.5 before 3.5.0.29 efix 6 and 4.1.1 before 4.1.1.4 efix 9, when the Spectrum Scale GUI is used with DB2 on Linux, UNIX and Windows, allows remote authenticated users to obtain sensitive information via unspecified vectors, as demonstrated by discovering ADMIN passwords.

CVSS2 => (AV:N/AC:L/Au:S/C:P/I:N/A:N)

CVSS Base Score
Impact Subscore
Exploitability Subscore
4/10
2.9/10
8/10
Exploit range
Attack complexity
Authentication
Remote
Low
Single time
Confidentiality impact
Integrity impact
Availability impact
Partial
None
None
Affected software
IBM -> General parallel file system 

 References:
http://www-01.ibm.com/support/docview.wss?uid=swg21986595
http://www.securityfocus.com/bid/90550
http://www.securitytracker.com/id/1036455
Copyright 2024, cxsecurity.com

 

Back to Top