CVE-2022-43867

CWE-78OS Command Injection3 documents3 sources
Severity
7.8HIGH
EPSS
0.1%
top 71.10%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
IBM Spectrum ScaleIBM Spectrum Scale Container Native Storage Access
Timeline
PublishedDec 6

Description

IBM Spectrum Scale 5.1.0.1 through 5.1.4.1 could allow a local attacker to execute arbitrary commands in the container. IBM X-Force ID: 239437.

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:HExploitability: 1.8 | Impact: 5.9

Affected Packages2 packages

CVEListV5ibm/spectrum_scale5.1.0.15.1.4.1

Patches

Patch: www.ibm.comPatch: www.ibm.com

🔴Vulnerability Details

2
GHSA
GHSA-p988-8hhv-9wpv: IBM Spectrum Scale 52022-12-06
CVEList
IBM Spectrum Scale command execution2022-12-06
CVE-2022-43867 (HIGH CVSS 7.8) | IBM Spectrum Scale 5.1.0.1 through | cvebase.io