Information Disclosure in IBM Spectrum Scale's Transparent Cloud Tiering
CVE-2020-4850

4MEDIUM

Key Information:

Vendor: IBM
Status: Spectrum Scale
Vendor: CVE Published:; 20 May 2021

Summary

The vulnerability in IBM Spectrum Scale's Transparent Cloud Tiering arises from improper handling of leftover files after configuration changes. This flaw can enable a remote attacker to gain unauthorized access to sensitive information, leading to potential data breaches. Proper mitigation strategies and timely updates are essential to protect against exploitation. For more information, refer to IBM's support page and X-Force database.

Affected Version(s)

Spectrum Scale 1.1.1.0

Spectrum Scale 1.1.8.4

References

https://www.ibm.com/support/pages/node/6454787

x_refsource_CONFIRM

https://exchange.xforce.ibmcloud.com/vulnerabilities/190298

vdb-entryx_refsource_XF

CVSS V3.1

Score:

Severity:

MEDIUM

Confidentiality:

Low

Integrity:

None

Availability:

Low

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
May 20, 2021
Vulnerability Reserved
Dec 30, 2019