PT-2015-1311 · Ibm · Ibm General Parallel File System
Felix Wilhelm
+1
·
Publicado
2015-03-23
·
Atualizado
2016-12-31
·
CVE-2015-0198
CVSS v2.0
10
Alta
| Vetor | AV:N/AC:L/Au:N/C:C/I:C/A:C |
Name of the Vulnerable Software and Affected Versions
IBM General Parallel File System (GPFS) versions 3.4 before 3.4.0.32
IBM General Parallel File System (GPFS) versions 3.5 before 3.5.0.24
IBM General Parallel File System (GPFS) versions 4.1 before 4.1.0.7
Description
The issue is related to insufficient authentication of network packets when the cipherList configuration parameter is set. This can be exploited by a remote attacker to execute applications with administrator privileges.
Recommendations
For IBM General Parallel File System (GPFS) versions 3.4 before 3.4.0.32, update to version 3.4.0.32 or later.
For IBM General Parallel File System (GPFS) versions 3.5 before 3.5.0.24, update to version 3.5.0.24 or later.
For IBM General Parallel File System (GPFS) versions 4.1 before 4.1.0.7, update to version 4.1.0.7 or later.
Correção
Improper Authentication
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Enumeração de Fraquezas
Identificadores relacionados
Produtos afetados
Ibm General Parallel File System