PT-2021-12214 · Ibm · Ibm Spectrum Scale

Published

2021-03-16

Updated

2022-07-12

CVE-2020-4890

CVSS v3.1

4.4

Medium

Vector

AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions IBM Spectrum Scale versions 5.0.0 through 5.0.5.5 IBM Spectrum Scale versions 5.1.0 through 5.1.0.2

Description The issue allows a local user with a valid role to the REST API to cause a denial of service due to weak or absence of rate limiting.

Recommendations For IBM Spectrum Scale versions 5.0.0 through 5.0.5.5, consider implementing rate limiting on the REST API to prevent denial of service attacks. For IBM Spectrum Scale versions 5.1.0 through 5.1.0.2, consider implementing rate limiting on the REST API to prevent denial of service attacks.

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2020-4890

Affected Products

Ibm Spectrum Scale

PT-2021-12214 · Ibm · Ibm Spectrum Scale

CVE-2020-4890

Related Identifiers

Affected Products

References · 5