CVE-2021-29740

8.4HIGH

Key Information:

Vendor: IBM
Status: Spectrum Scale
Vendor: CVE Published:; 1 June 2021

Summary

IBM Spectrum Scale 5.0.0 through 5.0.5.6 and 5.1.0 through 5.1.0.3 system core component is affected by a format string security vulnerability. An attacker could execute arbitrary code in the context of process memory, potentially escalating their system privileges and taking control over the entire system with root access. IBM X-Force ID: 201474.

Affected Version(s)

Spectrum Scale 5.0.0

Spectrum Scale 5.1.0

Spectrum Scale 5.0.5.6

References

https://www.ibm.com/support/pages/node/6457629

x_refsource_CONFIRM

https://exchange.xforce.ibmcloud.com/vulnerabilities/201474

vdb-entryx_refsource_XF

CVSS V3.1

Score:

8.4

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Jun 1, 2021
Vulnerability Reserved
Mar 31, 2021