IBM Spectrum Scale denial of service
CVE-2022-43869

6.5MEDIUM

Key Information:

Vendor: IBM
Status: Elastic Storage System; Spectrum Scale
Vendor: CVE Published:; 12 February 2023

Summary

IBM Spectrum Scale (5.1.0.0 through 5.1.2.8 and 5.1.3.0 through 5.1.5.1) and IBM Elastic Storage System (6.1.0.0 through 6.1.2.4 and 6.1.3.0 through 6.1.4.1) could allow an authenticated user to cause a denial of service through the GUI using a format string attack. IBM X-Force ID: 239539.

Affected Version(s)

Elastic Storage System 6.1.0.0 < 6.1.2.4

Spectrum Scale 5.1.0.0 < 5.1.2.8

Spectrum Scale 5.1.3.0 < 5.1.5.1

References

https://www.ibm.com/support/pages/node/6909469

vendor-advisory

https://www.ibm.com/support/pages/node/6909465

vendor-advisory

https://exchange.xforce.ibmcloud.com/vulnerabilities/239539

CVSS V3.1

Score:

6.5

Severity:

MEDIUM

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Feb 12, 2023
Vulnerability Reserved
Oct 26, 2022

.