CVE-2018-1431 — IBM General Parallel File System vulnerability

3 documents3 sources

Severity

7.8HIGHNVD

CNA7.4

EPSS

0.1%

top 84.66%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

IBM General Parallel File System IBM Spectrum Scale

Timeline

PublishedJun 13

Latest updateMay 13

Description

A vulnerability in GSKit affects IBM Spectrum Scale 4.1.1, 4.2.0, 4.2.1, 4.2.3, and 5.0.0 that could allow a local attacker to obtain control of the Spectrum Scale daemon and to access and modify files in the Spectrum Scale file system, and possibly to obtain administrator privileges on the node. IBM X-Force ID: 139240.

CVSS vector

CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:HExploitability: 1.8 | Impact: 5.9

Affected Packages3 packages

▶NVDibm/spectrum_scale4.1.1.0 — 4.1.1.19+5

▶CVEListV5ibm/spectrum_scale6 versions+5

▶NVDibm/general_parallel_file_system4.1.0.0 — 4.1.0.8

🔴Vulnerability Details

GHSA

GHSA-rgpj-748v-34f2: A vulnerability in GSKit affects IBM Spectrum Scale 4↗2022-05-13

▶

CVEList

CVE-2018-1431: A vulnerability in GSKit affects IBM Spectrum Scale 4↗2018-06-13

▶