PT-2020-5527 · Ibm · Ibm Spectrum Scale

Published

2020-03-06

Updated

2020-03-09

CVE-2020-4217

CVSS v2.0

7.8

High

Vector

AV:N/AC:L/Au:N/C:N/I:N/A:C

Name of the Vulnerable Software and Affected Versions IBM Spectrum Scale versions 4.2 through 5.0

Description The issue is related to insufficient checking of unusual or exceptional states in the file system component of IBM Spectrum Scale. This can be exploited by a remote attacker to cause a denial of service by forcing the mmfsd/mmsdrserv daemons to exit unexpectedly, which impacts the functionality of the Spectrum Scale cluster and the availability of managed file systems.

Recommendations For IBM Spectrum Scale versions 4.2 through 5.0, consider restricting access to the mmfsd/mmsdrserv daemons as a temporary workaround to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Improper Check for Exceptional Conditions

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-754

Related Identifiers

BDU:2021-01042

CVE-2020-4217

Affected Products

Ibm Spectrum Scale

PT-2020-5527 · Ibm · Ibm Spectrum Scale

CVE-2020-4217

Weakness Enumeration

Related Identifiers

Affected Products

References · 5