CVE-2020-4926

Published: May 24, 2022Modified: Nov 21, 2024

9.1

Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N

Exploitability: 3.9 / Impact: 5.2

Source: NVD

Description

A vulnerability in the Spectrum Scale 5.1 core component and IBM Elastic Storage System 6.1 could allow unauthorized access to user data or injection of arbitrary data in the communication protocol. IBM X-Force ID: 191600.

Affected (2)

Products: Ibm: Elastic Storage System, Spectrum Scale

Ibm

2 products

Elastic Storage System

Spectrum Scale

Configuration A

2 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Ibm Elastic Storage System	Before 6.1.3.0
Ibm Spectrum Scale	Before 5.1.3.0

Running on/with	Platform Versions
Linux Linux Kernel	All versions

Related CWEs

CWE-862

Missing Authorization

The product does not perform an authorization check when an actor attempts to access a resource or perform an action.

References (6)

https://exchange.xforce.ibmcloud.com/vulnerabilities/191600

Source: psirt@us.ibm.com

VDB EntryVendor Advisory

https://www.ibm.com/support/pages/node/6565399

Source: psirt@us.ibm.com

PatchVendor Advisory

https://www.ibm.com/support/pages/node/6589109

Source: psirt@us.ibm.com

PatchVendor Advisory

https://exchange.xforce.ibmcloud.com/vulnerabilities/191600

Source: af854a3a-2127-422b-91ae-364da2661108

VDB EntryVendor Advisory

https://www.ibm.com/support/pages/node/6565399

Source: af854a3a-2127-422b-91ae-364da2661108

PatchVendor Advisory

https://www.ibm.com/support/pages/node/6589109

Source: af854a3a-2127-422b-91ae-364da2661108

PatchVendor Advisory

Timeline

No history available yet.