CVE-2020-4756

Published: Oct 20, 2020Modified: Nov 21, 2024

5.5

Vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Exploitability: 1.8 / Impact: 3.6

Source: NVD

Description

IBM Spectrum Scale V4.2.0.0 through V4.2.3.23 and V5.0.0.0 through V5.0.5.2 as well as IBM Elastic Storage System 6.0.0 through 6.0.1.0 could allow a local attacker to invoke a subset of ioctls on the device with invalid arguments that could crash the keneral and cause a denial of service. IBM X-Force ID: 188599.

Affected (3)

Products: Ibm: Elastic Storage Server, Spectrum Scale

2 products

Elastic Storage Server

Configuration A

3 vulnerable

Vulnerable Software	Affected Versions
Ibm Elastic Storage Server	From 6.0.0.0 to 6.0.1.0
Ibm Spectrum Scale	After 4.2.0.0 to 4.2.3.23
Ibm Spectrum Scale	After 5.0.0.0 to 5.0.5.2

Related CWEs

Improper Resource Shutdown or Release

The product does not release or incorrectly releases a resource before it is made available for re-use.

References (6)

https://exchange.xforce.ibmcloud.com/vulnerabilities/188599

Source: psirt@us.ibm.com

VDB EntryVendor Advisory

https://www.ibm.com/support/pages/node/6349469

Source: psirt@us.ibm.com

PatchVendor Advisory

https://www.ibm.com/support/pages/node/6349475

Source: psirt@us.ibm.com

PatchVendor Advisory

https://exchange.xforce.ibmcloud.com/vulnerabilities/188599

Source: af854a3a-2127-422b-91ae-364da2661108

VDB EntryVendor Advisory

https://www.ibm.com/support/pages/node/6349469

Source: af854a3a-2127-422b-91ae-364da2661108

PatchVendor Advisory

https://www.ibm.com/support/pages/node/6349475

Source: af854a3a-2127-422b-91ae-364da2661108

PatchVendor Advisory

Timeline

No history available yet.