CVE-2016-0392 Information
Feb 14, 2021
cve
Description
IBM General Parallel File System (GPFS) in GPFS Storage Server 2.0.0 through 2.0.7 and Elastic Storage Server 2.5.x through 2.5.5 3.x before 3.5.5 and 4.x before 4.0.3 as distributed in Spectrum Scale RAID allows local users to gain privileges via a crafted parameter to a setuid program.
CVSS Vector
CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Reference
http://packetstormsecurity.com/files/137373/IBM-GPFS-Spectrum-Scale-Command-Injection.html http://www.securityfocus.com/archive/1/538620/100/0/threaded http://www.securityfocus.com/bid/91082 http://www.securitytracker.com/id/1036458 http://www-01.ibm.com/support/docview.wss?uid=ssg1S1005875 http://www-01.ibm.com/support/docview.wss?uid=swg1IV84206
Attack Complexity
LOW
Privileges Required
NONE
User Interaction Required
NONE
Scope
NONE
Confidentiality Impact
UNCHANGED
Integrity Impact
HIGH
Availability Impact
HIGH
Base Score
HIGH
Base Severity
8.4
Share on: