Description
IBM Spectrum Scale 5.0.0 through 5.0.5.6 and 5.1.0 through 5.1.0.3 system core component is affected by a format string security vulnerability. An attacker could execute arbitrary code in the context of process memory, potentially escalating their system privileges and taking control over the entire system with root access. IBM X-Force ID: 201474.
CVSS breakdown
CVSS 3.0
Integrity
High
Scope
Unchanged
Attack Complexity
Low
Availability
High
Privileges Required
None
Confidentiality
High
Attack Vector
Local
User Interaction
None
RL
O
E
Unchanged
RC
Changed
Affected products
- ibm / Spectrum Scale5.0.0 – 5.0.0
- ibm / Spectrum Scale5.1.0 – 5.1.0
- ibm / Spectrum Scale5.0.5.6 – 5.0.5.6
- ibm / Spectrum Scale5.1.0.3 – 5.1.0.3