PT-2018-6286 · Ibm · Ibm Spectrum Scale

Publicado

2018-03-02

Atualizado

2019-10-09

CVE-2017-1654

CVSS v3.1

4.0

Média

Vetor

A:N/AC:L/AV:L/C:L/I:N/PR:N/S:U/UI:N

Name of the Vulnerable Software and Affected Versions: IBM Spectrum Scale versions 4.1.1 and 4.2.0 through 4.2.3

Description: A local unprivileged user could access information located in dump files. User data could be sent to IBM during service engagements.

Recommendations: For versions 4.1.1, consider restricting access to dump files until a fix is available. For versions 4.2.0 through 4.2.3, restrict access to dump files to prevent unauthorized data access.

Correção

Information Disclosure

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-200

Identificadores relacionados

CVE-2017-1654

Produtos afetados

Ibm Spectrum Scale

PT-2018-6286 · Ibm · Ibm Spectrum Scale

CVE-2017-1654

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 5