Improper Input Validation in IBM Spectrum Scale Affects File Security
CVE-2020-4981

4.4MEDIUM

Key Information:

Vendor: IBM
Status: Spectrum Scale
Vendor: CVE Published:; 27 April 2021

Summary

IBM Spectrum Scale versions 5.0.4.1 to 5.1.0.3 are susceptible to a vulnerability that allows a local privileged user to overwrite files due to insufficient input validation measures. This flaw stems from the application's handling of user inputs, potentially enabling exploitation that could lead to unauthorized file modifications. For detailed information, refer to IBM's support page and the X-Force vulnerability database.

Affected Version(s)

Spectrum Scale 5.0.4.1

Spectrum Scale 5.1.0.3

References

https://www.ibm.com/support/pages/node/6447077

x_refsource_CONFIRM

https://exchange.xforce.ibmcloud.com/vulnerabilities/192541

vdb-entryx_refsource_XF

CVSS V3.1

Score:

4.4

Severity:

MEDIUM

Confidentiality:

None

Integrity:

High

Availability:

None

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

High

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Apr 27, 2021
Vulnerability Reserved
Dec 30, 2019