Local Privilege Escalation in IBM Spectrum Scale and General Parallel File System
CVE-2016-0263

7HIGH

Key Information:

Vendor
IBM
Status
General Parallel File System Storage Server
Vendor
CVE Published:
29 June 2016

Summary

A vulnerability exists in IBM Spectrum Scale and General Parallel File System that permits local users to impose a crafted mmapplypolicy command, potentially leading to unauthorized privilege escalation or denial of service. Systems running affected versions are at risk if proper security measures are not in place to mitigate potential exploits.

References

http://www-01.ibm.com/support/docview.wss?uid=ssg1S1005708
x_refsource_CONFIRM
http://www.securitytracker.com/id/1036458
vdb-entryx_refsource_SECTRACK
http://www.securityfocus.com/bid/90525
vdb-entryx_refsource_BID

CVSS V3.1

Score:
7
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Local
Attack Complexity:
High
Privileges Required:
Low
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.