Unauthorized Data Access in IBM Spectrum Scale and Elastic Storage System
CVE-2020-4926

5.7MEDIUM

Key Information:

Vendor
IBM
Status
Spectrum Scale
Elastic Storage System
Vendor
CVE Published:
24 May 2022

Summary

A vulnerability present in the core components of IBM Spectrum Scale 5.1 and IBM Elastic Storage System 6.1 could potentially allow unauthorized users to access sensitive data or inject arbitrary information within the communication protocols. This flaw highlights the importance of securing system interfaces to prevent data breaches and ensure the integrity of user information.

Affected Version(s)

Elastic Storage System 6.1

Spectrum Scale 5.1

References

https://www.ibm.com/support/pages/node/6589109
x_refsource_CONFIRM
https://www.ibm.com/support/pages/node/6565399
x_refsource_CONFIRM
https://exchange.xforce.ibmcloud.com/vulnerabilities/191600
vdb-entryx_refsource_XF

CVSS V3.1

Score:
5.7
Severity:
MEDIUM
Confidentiality:
High
Integrity:
Low
Availability:
High
Attack Vector:
Local
Attack Complexity:
High
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.