CVE-2016-2985
Published Nov 25, 2016
Last updated 8 years ago
Overview
- Description
- IBM Spectrum Scale 4.1.1.x before 4.1.1.8 and 4.2.x before 4.2.0.4 and General Parallel File System (GPFS) 3.5.x before 3.5.0.32 and 4.1.x before 4.1.1.8 allow local users to gain privileges via crafted environment variables to a /usr/lpp/mmfs/bin/ setuid program.
- Source
- psirt@us.ibm.com
- NVD status
- Modified
Risk scores
CVSS 3.0
- Type
- Primary
- Base score
- 7
- Impact score
- 5.9
- Exploitability score
- 1
- Vector string
- CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
- Severity
- HIGH
CVSS 2.0
- Type
- Primary
- Base score
- 6.9
- Impact score
- 10
- Exploitability score
- 3.4
- Vector string
- AV:L/AC:M/Au:N/C:C/I:C/A:C
Weaknesses
- nvd@nist.gov
- CWE-264
Social media
- Hype score
- Not currently trending
Configurations
[ { "nodes": [ { "negate": false, "cpeMatch": [ { "criteria": "cpe:2.3:a:ibm:spectrum_scale:4.1.1.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "2E29D816-7A73-47EA-8DE6-E553CA0D1079" }, { "criteria": "cpe:2.3:a:ibm:spectrum_scale:4.1.1.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "18C5A85C-F932-44CF-B3EA-691737C96C52" }, { "criteria": "cpe:2.3:a:ibm:spectrum_scale:4.1.1.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "9385B07C-881D-4A4E-A0F5-FF1BC88F8CFF" }, { "criteria": "cpe:2.3:a:ibm:spectrum_scale:4.1.1.3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "27319318-1C09-4CEE-BAE2-6E52C8FD8DCA" }, { "criteria": "cpe:2.3:a:ibm:spectrum_scale:4.1.1.4:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "85F22D48-CB9C-434A-AFD7-50E4E980D1DA" }, { "criteria": "cpe:2.3:a:ibm:spectrum_scale:4.1.1.5:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "52D0326F-B03A-4476-8E94-BC0D8ADD5321" }, { "criteria": "cpe:2.3:a:ibm:spectrum_scale:4.1.1.6:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "564BDF5A-EAFF-47F5-A670-2019BB508DD5" }, { "criteria": "cpe:2.3:a:ibm:spectrum_scale:4.1.1.7:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "5E93E3DC-F8FA-493F-AD79-0DED309F3D9D" }, { "criteria": "cpe:2.3:a:ibm:spectrum_scale:4.1.1.8:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "1578B640-B312-4BE8-8036-9DCC7201B04E" }, { "criteria": "cpe:2.3:a:ibm:spectrum_scale:4.2.0.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "9A55A717-5CA2-4073-80AA-16044EC23B7B" }, { "criteria": "cpe:2.3:a:ibm:spectrum_scale:4.2.0.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "11BAE960-B5C8-4566-8D18-B2754069C933" }, { "criteria": "cpe:2.3:a:ibm:spectrum_scale:4.2.0.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D788F7B7-E3F5-495D-BF0D-EB5D6A57D84F" }, { "criteria": "cpe:2.3:a:ibm:spectrum_scale:4.2.0.3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "33B349F3-C4A5-4EDA-8579-17AF297E4BA0" } ], "operator": "OR" } ] }, { "nodes": [ { "negate": false, "cpeMatch": [ { "criteria": "cpe:2.3:a:ibm:general_parallel_file_system:3.5.0.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "89F44D96-CDE6-405D-ACDB-D1B699F3ED9B" }, { "criteria": "cpe:2.3:a:ibm:general_parallel_file_system:3.5.0.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "FC456A68-AF06-4862-A8FF-DF96A398C25B" }, { "criteria": "cpe:2.3:a:ibm:general_parallel_file_system:3.5.0.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "FC814EC9-DDBE-48AD-996F-4684348A31C6" }, { "criteria": "cpe:2.3:a:ibm:general_parallel_file_system:3.5.0.3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "4D08020F-C3F5-4175-B671-73AA12E8F571" }, { "criteria": "cpe:2.3:a:ibm:general_parallel_file_system:3.5.0.4:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "370EEC39-3CE4-43AD-AF18-D585D214130A" }, { "criteria": "cpe:2.3:a:ibm:general_parallel_file_system:3.5.0.5:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "78041991-E33E-4A0F-85A9-07ABC30253F2" }, { "criteria": "cpe:2.3:a:ibm:general_parallel_file_system:3.5.0.6:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "DF402081-402A-4277-A83C-729DF038F25D" }, { "criteria": "cpe:2.3:a:ibm:general_parallel_file_system:3.5.0.7:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "2F32AE31-9C7C-4FFC-A4FB-9C6D13D02E36" }, { "criteria": "cpe:2.3:a:ibm:general_parallel_file_system:3.5.0.8:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A3F9A954-7411-4977-8735-9F61CC3F5E4C" }, { "criteria": "cpe:2.3:a:ibm:general_parallel_file_system:3.5.0.9:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E8638C2C-434E-4716-BB4F-F759FFFAD008" }, { "criteria": "cpe:2.3:a:ibm:general_parallel_file_system:3.5.0.10:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "37D91B69-57BC-4011-AD90-531B52C1C23A" }, { "criteria": "cpe:2.3:a:ibm:general_parallel_file_system:3.5.0.11:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "3061EBC4-981B-4C1E-B4B6-05CE75AC835C" }, { "criteria": "cpe:2.3:a:ibm:general_parallel_file_system:3.5.0.12:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C3C114FE-1A1A-4048-BEF9-2C8637136FFC" }, { "criteria": "cpe:2.3:a:ibm:general_parallel_file_system:3.5.0.13:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "58466B0C-9811-42CB-8062-305143F0EC85" }, { "criteria": "cpe:2.3:a:ibm:general_parallel_file_system:3.5.0.14:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "1C1C55A6-EDA7-4039-BB9F-793C08542B19" }, { "criteria": "cpe:2.3:a:ibm:general_parallel_file_system:3.5.0.15:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "442E3A3A-3056-4D1F-BEBD-253FC48BA39E" }, { "criteria": "cpe:2.3:a:ibm:general_parallel_file_system:3.5.0.16:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "3BE5DA93-B2EB-438C-B698-75E5F116C02C" }, { "criteria": "cpe:2.3:a:ibm:general_parallel_file_system:3.5.0.17:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "61A5E812-9CBD-4FD1-B4A4-8E889B333B67" }, { "criteria": "cpe:2.3:a:ibm:general_parallel_file_system:3.5.0.18:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "DC2D24BA-6A99-4A15-A7A7-E4EC054E9CDC" }, { "criteria": "cpe:2.3:a:ibm:general_parallel_file_system:3.5.0.19:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "75881EF9-571E-409B-ACA6-B74629FF432E" }, { "criteria": "cpe:2.3:a:ibm:general_parallel_file_system:3.5.0.20:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "4D9F09E3-A012-43A7-AD86-0E56F4F9810D" }, { "criteria": "cpe:2.3:a:ibm:general_parallel_file_system:3.5.0.21:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "7F886B47-11EE-4575-8AB9-AD96AF1D2571" }, { "criteria": "cpe:2.3:a:ibm:general_parallel_file_system:3.5.0.22:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B3071064-9366-4C0D-8F0C-EB3688A6631A" }, { "criteria": "cpe:2.3:a:ibm:general_parallel_file_system:3.5.0.23:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "264DFE33-BCBA-45A9-8225-9807AA3AC30B" }, { "criteria": "cpe:2.3:a:ibm:general_parallel_file_system:3.5.0.24:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "171FFBCB-6ECD-4355-9898-0EB76E7ABCA5" }, { "criteria": "cpe:2.3:a:ibm:general_parallel_file_system:3.5.0.25:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "10334B9D-7296-426D-9DCE-A12D42842CCD" }, { "criteria": "cpe:2.3:a:ibm:general_parallel_file_system:3.5.0.26:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "91CE891C-0901-4AFA-B7FD-3554EAF1B781" }, { "criteria": "cpe:2.3:a:ibm:general_parallel_file_system:3.5.0.27:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E001E389-CF46-4F25-825C-42D74449AEBF" }, { "criteria": "cpe:2.3:a:ibm:general_parallel_file_system:3.5.0.28:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "46BFDF57-1CF3-45FA-9989-E77D96CEE291" }, { "criteria": "cpe:2.3:a:ibm:general_parallel_file_system:3.5.0.29:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "32051A82-BF76-439B-8D8C-B8EE5B6EAEA1" }, { "criteria": "cpe:2.3:a:ibm:general_parallel_file_system:3.5.0.30:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "5F15DE88-ED1E-48B7-A5F2-73278987B4B0" }, { "criteria": "cpe:2.3:a:ibm:general_parallel_file_system:3.5.0.31:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "AEE29E4D-65DE-4DEF-962D-2ECE5D62A846" }, { "criteria": "cpe:2.3:a:ibm:general_parallel_file_system:4.1.0.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E78F4327-0160-467E-8C2C-BDEBB4149227" }, { "criteria": "cpe:2.3:a:ibm:general_parallel_file_system:4.1.0.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "BDD19B4F-5738-4CB1-99FC-F40FDA8388AE" }, { "criteria": "cpe:2.3:a:ibm:general_parallel_file_system:4.1.0.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B497D629-62AB-4F21-BDF4-02336A19E04C" }, { "criteria": "cpe:2.3:a:ibm:general_parallel_file_system:4.1.0.3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "10E68BB2-4132-46F1-B8E9-9FA03FEB92BF" }, { "criteria": "cpe:2.3:a:ibm:general_parallel_file_system:4.1.0.4:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E1CBA1A7-02AF-4D59-A6FF-9C52903986EE" }, { "criteria": "cpe:2.3:a:ibm:general_parallel_file_system:4.1.0.5:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "BEAC1912-1412-45B6-920C-A52510095977" }, { "criteria": "cpe:2.3:a:ibm:general_parallel_file_system:4.1.0.6:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "59A4A5C6-8DF0-4431-BE2C-5C6815371C98" }, { "criteria": "cpe:2.3:a:ibm:general_parallel_file_system:4.1.0.7:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F90908FF-0E10-4AFD-A38C-4D5E50C05FF3" }, { "criteria": "cpe:2.3:a:ibm:general_parallel_file_system:4.1.0.8:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "591E5985-29A1-4C06-8832-DA1587CFE101" } ], "operator": "OR" } ] } ]