Vulnerability CVE-2018-1431


Published: 2018-06-13

Description:
A vulnerability in GSKit affects IBM Spectrum Scale 4.1.1, 4.2.0, 4.2.1, 4.2.3, and 5.0.0 that could allow a local attacker to obtain control of the Spectrum Scale daemon and to access and modify files in the Spectrum Scale file system, and possibly to obtain administrator privileges on the node. IBM X-Force ID: 139240.

Type:

CWE-noinfo

CVSS2 => (AV:L/AC:L/Au:N/C:P/I:P/A:P)

CVSS Base Score
Impact Subscore
Exploitability Subscore
4.6/10
6.4/10
3.9/10
Exploit range
Attack complexity
Authentication
Local
Low
No required
Confidentiality impact
Integrity impact
Availability impact
Partial
Partial
Partial
Affected software
IBM -> Spectrum scale 
IBM -> General parallel file system 

 References:
http://www.ibm.com/support/docview.wss?uid=ssg1S1012049
http://www.securityfocus.com/bid/105546
https://exchange.xforce.ibmcloud.com/vulnerabilities/139240

Copyright 2020, cxsecurity.com

 

Back to Top