CVE-2016-2984

Published Nov 25, 2016
Last updated 8 years ago
Overview

Description: IBM Spectrum Scale 4.1.1.x before 4.1.1.8 and 4.2.x before 4.2.0.4 and General Parallel File System (GPFS) 3.5.x before 3.5.0.32 and 4.1.x before 4.1.1.8 allow local users to gain privileges via crafted command-line parameters to a /usr/lpp/mmfs/bin/ setuid program.
Source: psirt@us.ibm.com
NVD status: Modified
Risk scores

CVSS 3.0

Type: Primary
Base score: 7
Impact score: 5.9
Exploitability score: 1
Vector string: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
Severity: HIGH
CVSS 2.0

Type: Primary
Base score: 6.9
Impact score: 10
Exploitability score: 3.4
Vector string: AV:L/AC:M/Au:N/C:C/I:C/A:C
Weaknesses

nvd@nist.gov: CWE-264
Hype score: Not currently trending
Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:ibm:spectrum_scale:4.1.1.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "2E29D816-7A73-47EA-8DE6-E553CA0D1079"
          },
          {
            "criteria": "cpe:2.3:a:ibm:spectrum_scale:4.1.1.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "18C5A85C-F932-44CF-B3EA-691737C96C52"
          },
          {
            "criteria": "cpe:2.3:a:ibm:spectrum_scale:4.1.1.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "9385B07C-881D-4A4E-A0F5-FF1BC88F8CFF"
          },
          {
            "criteria": "cpe:2.3:a:ibm:spectrum_scale:4.1.1.3:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "27319318-1C09-4CEE-BAE2-6E52C8FD8DCA"
          },
          {
            "criteria": "cpe:2.3:a:ibm:spectrum_scale:4.1.1.4:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "85F22D48-CB9C-434A-AFD7-50E4E980D1DA"
          },
          {
            "criteria": "cpe:2.3:a:ibm:spectrum_scale:4.1.1.5:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "52D0326F-B03A-4476-8E94-BC0D8ADD5321"
          },
          {
            "criteria": "cpe:2.3:a:ibm:spectrum_scale:4.1.1.6:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "564BDF5A-EAFF-47F5-A670-2019BB508DD5"
          },
          {
            "criteria": "cpe:2.3:a:ibm:spectrum_scale:4.1.1.7:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "5E93E3DC-F8FA-493F-AD79-0DED309F3D9D"
          },
          {
            "criteria": "cpe:2.3:a:ibm:spectrum_scale:4.1.1.8:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "1578B640-B312-4BE8-8036-9DCC7201B04E"
          },
          {
            "criteria": "cpe:2.3:a:ibm:spectrum_scale:4.2.0.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "9A55A717-5CA2-4073-80AA-16044EC23B7B"
          },
          {
            "criteria": "cpe:2.3:a:ibm:spectrum_scale:4.2.0.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "11BAE960-B5C8-4566-8D18-B2754069C933"
          },
          {
            "criteria": "cpe:2.3:a:ibm:spectrum_scale:4.2.0.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "D788F7B7-E3F5-495D-BF0D-EB5D6A57D84F"
          },
          {
            "criteria": "cpe:2.3:a:ibm:spectrum_scale:4.2.0.3:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "33B349F3-C4A5-4EDA-8579-17AF297E4BA0"
          }
        ],
        "operator": "OR"
      }
    ]
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:ibm:general_parallel_file_system:3.5.0.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "89F44D96-CDE6-405D-ACDB-D1B699F3ED9B"
          },
          {
            "criteria": "cpe:2.3:a:ibm:general_parallel_file_system:3.5.0.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "FC456A68-AF06-4862-A8FF-DF96A398C25B"
          },
          {
            "criteria": "cpe:2.3:a:ibm:general_parallel_file_system:3.5.0.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "FC814EC9-DDBE-48AD-996F-4684348A31C6"
          },
          {
            "criteria": "cpe:2.3:a:ibm:general_parallel_file_system:3.5.0.3:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "4D08020F-C3F5-4175-B671-73AA12E8F571"
          },
          {
            "criteria": "cpe:2.3:a:ibm:general_parallel_file_system:3.5.0.4:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "370EEC39-3CE4-43AD-AF18-D585D214130A"
          },
          {
            "criteria": "cpe:2.3:a:ibm:general_parallel_file_system:3.5.0.5:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "78041991-E33E-4A0F-85A9-07ABC30253F2"
          },
          {
            "criteria": "cpe:2.3:a:ibm:general_parallel_file_system:3.5.0.6:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "DF402081-402A-4277-A83C-729DF038F25D"
          },
          {
            "criteria": "cpe:2.3:a:ibm:general_parallel_file_system:3.5.0.7:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "2F32AE31-9C7C-4FFC-A4FB-9C6D13D02E36"
          },
          {
            "criteria": "cpe:2.3:a:ibm:general_parallel_file_system:3.5.0.8:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "A3F9A954-7411-4977-8735-9F61CC3F5E4C"
          },
          {
            "criteria": "cpe:2.3:a:ibm:general_parallel_file_system:3.5.0.9:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "E8638C2C-434E-4716-BB4F-F759FFFAD008"
          },
          {
            "criteria": "cpe:2.3:a:ibm:general_parallel_file_system:3.5.0.10:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "37D91B69-57BC-4011-AD90-531B52C1C23A"
          },
          {
            "criteria": "cpe:2.3:a:ibm:general_parallel_file_system:3.5.0.11:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "3061EBC4-981B-4C1E-B4B6-05CE75AC835C"
          },
          {
            "criteria": "cpe:2.3:a:ibm:general_parallel_file_system:3.5.0.12:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "C3C114FE-1A1A-4048-BEF9-2C8637136FFC"
          },
          {
            "criteria": "cpe:2.3:a:ibm:general_parallel_file_system:3.5.0.13:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "58466B0C-9811-42CB-8062-305143F0EC85"
          },
          {
            "criteria": "cpe:2.3:a:ibm:general_parallel_file_system:3.5.0.14:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "1C1C55A6-EDA7-4039-BB9F-793C08542B19"
          },
          {
            "criteria": "cpe:2.3:a:ibm:general_parallel_file_system:3.5.0.15:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "442E3A3A-3056-4D1F-BEBD-253FC48BA39E"
          },
          {
            "criteria": "cpe:2.3:a:ibm:general_parallel_file_system:3.5.0.16:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "3BE5DA93-B2EB-438C-B698-75E5F116C02C"
          },
          {
            "criteria": "cpe:2.3:a:ibm:general_parallel_file_system:3.5.0.17:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "61A5E812-9CBD-4FD1-B4A4-8E889B333B67"
          },
          {
            "criteria": "cpe:2.3:a:ibm:general_parallel_file_system:3.5.0.18:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "DC2D24BA-6A99-4A15-A7A7-E4EC054E9CDC"
          },
          {
            "criteria": "cpe:2.3:a:ibm:general_parallel_file_system:3.5.0.19:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "75881EF9-571E-409B-ACA6-B74629FF432E"
          },
          {
            "criteria": "cpe:2.3:a:ibm:general_parallel_file_system:3.5.0.20:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "4D9F09E3-A012-43A7-AD86-0E56F4F9810D"
          },
          {
            "criteria": "cpe:2.3:a:ibm:general_parallel_file_system:3.5.0.21:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "7F886B47-11EE-4575-8AB9-AD96AF1D2571"
          },
          {
            "criteria": "cpe:2.3:a:ibm:general_parallel_file_system:3.5.0.22:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "B3071064-9366-4C0D-8F0C-EB3688A6631A"
          },
          {
            "criteria": "cpe:2.3:a:ibm:general_parallel_file_system:3.5.0.23:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "264DFE33-BCBA-45A9-8225-9807AA3AC30B"
          },
          {
            "criteria": "cpe:2.3:a:ibm:general_parallel_file_system:3.5.0.24:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "171FFBCB-6ECD-4355-9898-0EB76E7ABCA5"
          },
          {
            "criteria": "cpe:2.3:a:ibm:general_parallel_file_system:3.5.0.25:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "10334B9D-7296-426D-9DCE-A12D42842CCD"
          },
          {
            "criteria": "cpe:2.3:a:ibm:general_parallel_file_system:3.5.0.26:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "91CE891C-0901-4AFA-B7FD-3554EAF1B781"
          },
          {
            "criteria": "cpe:2.3:a:ibm:general_parallel_file_system:3.5.0.27:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "E001E389-CF46-4F25-825C-42D74449AEBF"
          },
          {
            "criteria": "cpe:2.3:a:ibm:general_parallel_file_system:3.5.0.28:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "46BFDF57-1CF3-45FA-9989-E77D96CEE291"
          },
          {
            "criteria": "cpe:2.3:a:ibm:general_parallel_file_system:3.5.0.29:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "32051A82-BF76-439B-8D8C-B8EE5B6EAEA1"
          },
          {
            "criteria": "cpe:2.3:a:ibm:general_parallel_file_system:3.5.0.30:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "5F15DE88-ED1E-48B7-A5F2-73278987B4B0"
          },
          {
            "criteria": "cpe:2.3:a:ibm:general_parallel_file_system:3.5.0.31:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "AEE29E4D-65DE-4DEF-962D-2ECE5D62A846"
          },
          {
            "criteria": "cpe:2.3:a:ibm:general_parallel_file_system:4.1.0.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "E78F4327-0160-467E-8C2C-BDEBB4149227"
          },
          {
            "criteria": "cpe:2.3:a:ibm:general_parallel_file_system:4.1.0.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "BDD19B4F-5738-4CB1-99FC-F40FDA8388AE"
          },
          {
            "criteria": "cpe:2.3:a:ibm:general_parallel_file_system:4.1.0.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "B497D629-62AB-4F21-BDF4-02336A19E04C"
          },
          {
            "criteria": "cpe:2.3:a:ibm:general_parallel_file_system:4.1.0.3:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "10E68BB2-4132-46F1-B8E9-9FA03FEB92BF"
          },
          {
            "criteria": "cpe:2.3:a:ibm:general_parallel_file_system:4.1.0.4:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "E1CBA1A7-02AF-4D59-A6FF-9C52903986EE"
          },
          {
            "criteria": "cpe:2.3:a:ibm:general_parallel_file_system:4.1.0.5:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "BEAC1912-1412-45B6-920C-A52510095977"
          },
          {
            "criteria": "cpe:2.3:a:ibm:general_parallel_file_system:4.1.0.6:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "59A4A5C6-8DF0-4431-BE2C-5C6815371C98"
          },
          {
            "criteria": "cpe:2.3:a:ibm:general_parallel_file_system:4.1.0.7:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "F90908FF-0E10-4AFD-A38C-4D5E50C05FF3"
          },
          {
            "criteria": "cpe:2.3:a:ibm:general_parallel_file_system:4.1.0.8:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "591E5985-29A1-4C06-8832-DA1587CFE101"
          }
        ],
        "operator": "OR"
      }
    ]
  }
]
Overview

Risk scores

CVSS 3.0

CVSS 2.0

Weaknesses

Social media

Configurations

References
