PT-2020-18037 · Ibm · Ibm Spectrum Scale

Published

2020-05-27

Updated

2020-05-27

CVE-2020-4378

CVSS v3.1

4.9

Medium

Vector

AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N

Name of the Vulnerable Software and Affected Versions IBM Spectrum Scale versions 5.0.0.0 through 5.0.4.4

Description The issue allows a privileged authenticated user to perform unauthorized actions using a specially crafted HTTP POST command.

Recommendations For IBM Spectrum Scale versions 5.0.0.0 through 5.0.4.4, consider restricting access to the HTTP POST command until a fix is available. As a temporary workaround, limit the privileges of authenticated users to minimize the risk of exploitation.

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2020-4378

Affected Products

Ibm Spectrum Scale

PT-2020-18037 · Ibm · Ibm Spectrum Scale

CVE-2020-4378

Related Identifiers

Affected Products

References · 4