Local File Audit Bypass Vulnerability in IBM Spectrum Scale
CVE-2021-29671

4MEDIUM

Key Information:

Vendor: IBM
Status: Spectrum Scale
Vendor: CVE Published:; 9 April 2021

Summary

IBM Spectrum Scale version 5.1.0.1 is susceptible to a vulnerability that allows local attackers to circumvent the filesystem audit logging mechanism, which could lead to unauthorized access and manipulation of logged file activities, assuming the audit logging feature is activated. This could potentially facilitate malicious activities without being detected, emphasizing the importance of implementing robust security measures and regularly updating affected systems.

Affected Version(s)

Spectrum Scale 5.1.0.1

References

https://www.ibm.com/support/pages/node/6441429

x_refsource_CONFIRM

https://exchange.xforce.ibmcloud.com/vulnerabilities/199478

vdb-entryx_refsource_XF

CVSS V3.1

Score:

Severity:

MEDIUM

Confidentiality:

None

Integrity:

Low

Availability:

None

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Apr 9, 2021
Vulnerability Reserved
Mar 31, 2021