IBM Spectrum Scale command execution
CVE-2022-43867

7.8HIGH

Key Information:

Vendor
IBM
Status
Spectrum Scale
Vendor
CVE Published:
6 December 2022

Summary

IBM Spectrum Scale 5.1.0.1 through 5.1.4.1 could allow a local attacker to execute arbitrary commands in the container. IBM X-Force ID: 239437.

Affected Version(s)

Spectrum Scale 5.1.0.1 < 5.1.4.1

References

https://www.ibm.com/support/pages/node/6844771
vendor-advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/239437
vdb-entry

CVSS V3.1

Score:
7.8
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.