IBM Spectrum Scale Container Native Storage Access privilege escalation
CVE-2022-41736

8.4HIGH

Key Information:

Vendor: IBM
Status: Spectrum Scale Container Native Storage Access
Vendor: CVE Published:; 29 April 2023

Summary

A vulnerability exists in IBM Spectrum Scale Container Native Storage Access versions 5.1.2.1 through 5.1.6.0 that may allow a local user to gain elevated root privileges. This could potentially lead to unauthorized actions within the system, posing a significant security risk. Users are advised to apply patches or updates as recommended by IBM to mitigate the risk associated with this vulnerability.

Affected Version(s)

Spectrum Scale Container Native Storage Access 5.1.2.1 <= 5.1.6.0

References

https://www.ibm.com/support/pages/node/6964564

vendor-advisory

https://exchange.xforce.ibmcloud.com/vulnerabilities/237810

vdb-entry

CVSS V3.1

Score:

8.4

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Apr 29, 2023
Vulnerability Reserved
Sep 28, 2022