Remote Code Execution Vulnerability in IBM General Parallel File System
CVE-2015-0198

Currently unrated

Key Information:

Vendor: IBM
Status: General Parallel File System
Vendor: CVE Published:; 24 March 2015

Summary

A vulnerability in IBM General Parallel File System allows remote attackers to bypass authentication due to improper handling of certain cipherList configurations. This weakness can enable adversaries to execute arbitrary programs with root privileges, posing significant risks to data integrity and system security. To mitigate this vulnerability, it is crucial to upgrade to the specified versions where the issue has been patched and review security configurations.

References

http://www.securityfocus.com/bid/73278

vdb-entryx_refsource_BID

http://www.securitytracker.com/id/1032880

vdb-entryx_refsource_SECTRACK

http://www-01.ibm.com/support/docview.wss?uid=isg3T1022062

x_refsource_CONFIRM

Timeline

Vulnerability published
Mar 24, 2015
Vulnerability Reserved
Nov 18, 2014