Denial of Service Vulnerability in IBM Elastic Storage Products
CVE-2020-5015
7.5HIGH
Summary
The IBM Elastic Storage System (versions 6.0.0 to 6.0.1.2) and IBM Elastic Storage Server (versions 5.3.0 to 5.3.6.2) are susceptible to a denial of service. This vulnerability arises when a remote attacker sends specially crafted UDP requests, which can cause the system to become unresponsive. Organizations using these products should implement measures to monitor their network traffic and apply security updates promptly to mitigate the risks associated with this issue.
Affected Version(s)
Elastic Storage Server 5.3.0
Elastic Storage Server 6.0.0
Elastic Storage Server 6.0.1.2
References
CVSS V3.1
Score:
7.5
Severity:
HIGH
Confidentiality:
None
Integrity:
None
Availability:
None
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged
Timeline
Vulnerability published
Vulnerability Reserved