Overview
- Description
- A vulnerability in the Spectrum Scale 5.1 core component and IBM Elastic Storage System 6.1 could allow unauthorized access to user data or injection of arbitrary data in the communication protocol. IBM X-Force ID: 191600.
- Source
- psirt@us.ibm.com
- NVD status
- Analyzed
Risk scores
CVSS 3.1
- Type
- Primary
- Base score
- 9.1
- Impact score
- 5.2
- Exploitability score
- 3.9
- Vector string
- CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
- Severity
- CRITICAL
CVSS 3.0
- Type
- Secondary
- Base score
- 5.7
- Impact score
- 4.2
- Exploitability score
- 1.4
- Vector string
- CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:L/A:N
- Severity
- MEDIUM
CVSS 2.0
- Type
- Primary
- Base score
- 6.4
- Impact score
- 4.9
- Exploitability score
- 10
- Vector string
- AV:N/AC:L/Au:N/C:P/I:P/A:N
Weaknesses
- nvd@nist.gov
- CWE-862
Social media
- Hype score
- Not currently trending
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1"
}
],
"operator": "OR"
},
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ibm:elastic_storage_system:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "163FDB0B-5307-4CD9-9FE8-4E5D188FD1DE",
"versionEndExcluding": "6.1.3.0"
},
{
"criteria": "cpe:2.3:a:ibm:spectrum_scale:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "2832663B-B3D8-494A-9499-B881D4919B13",
"versionEndExcluding": "5.1.3.0"
}
],
"operator": "OR"
}
],
"operator": "AND"
}
]