Skip to main content

General Parallel File System

13 CVEs product

Monthly

CVE-2018-1431 HIGH This Week

A vulnerability in GSKit affects IBM Spectrum Scale 4.1.1, 4.2.0, 4.2.1, 4.2.3, and 5.0.0 that could allow a local attacker to obtain control of the Spectrum Scale daemon and to access and modify. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

IBM Information Disclosure General Parallel File System Spectrum Scale
NVD
CVSS 3.0
7.8
EPSS
0.4%
CVE-2016-6115 HIGH PATCH This Week

IBM General Parallel File System is vulnerable to a buffer overflow. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity.

Buffer Overflow RCE IBM General Parallel File System Spectrum Scale
NVD
CVSS 3.0
7.2
EPSS
3.9%
CVE-2016-2985 HIGH This Week

IBM Spectrum Scale 4.1.1.x before 4.1.1.8 and 4.2.x before 4.2.0.4 and General Parallel File System (GPFS) 3.5.x before 3.5.0.32 and 4.1.x before 4.1.1.8 allow local users to gain privileges via. Rated high severity (CVSS 7.0). No vendor patch available.

IBM Privilege Escalation Spectrum Scale General Parallel File System
NVD
CVSS 3.0
7.0
EPSS
0.0%
CVE-2016-2984 HIGH This Week

IBM Spectrum Scale 4.1.1.x before 4.1.1.8 and 4.2.x before 4.2.0.4 and General Parallel File System (GPFS) 3.5.x before 3.5.0.32 and 4.1.x before 4.1.1.8 allow local users to gain privileges via. Rated high severity (CVSS 7.0). No vendor patch available.

IBM Privilege Escalation Spectrum Scale General Parallel File System
NVD
CVSS 3.0
7.0
EPSS
0.0%
CVE-2016-0361 MEDIUM PATCH This Month

IBM General Parallel File System (GPFS) 3.5 before 3.5.0.29 efix 6 and 4.1.1 before 4.1.1.4 efix 9, when the Spectrum Scale GUI is used with DB2 on Linux, UNIX and Windows, allows remote. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity.

IBM Information Disclosure Microsoft General Parallel File System
NVD
CVSS 3.0
6.5
EPSS
0.2%
CVE-2015-7403 MEDIUM This Month

IBM Spectrum Scale 4.1.1.x before 4.1.1.3 and General Parallel File System (GPFS) 3.5.x before 3.5.0.29 and 4.1.x through 4.1.0.8 on AIX allow local users to cause a denial of service (incorrect. Rated medium severity (CVSS 4.0), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

IBM Denial Of Service General Parallel File System Spectrum Scale
NVD
CVSS 3.0
4.0
EPSS
0.1%
CVE-2015-4981 LOW PATCH Monitor

IBM General Parallel File System (GPFS) 3.5.x before 3.5.0.27 and 4.1.x before 4.1.1.2 and Spectrum Scale 4.1.1.x before 4.1.1.2 allow local users to obtain sensitive information from system memory. Rated low severity (CVSS 2.1), this vulnerability is low attack complexity. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

IBM Information Disclosure General Parallel File System Spectrum Scale
NVD
CVSS 2.0
2.1
EPSS
0.1%
CVE-2015-4974 HIGH PATCH This Week

IBM General Parallel File System (GPFS) 3.5.x before 3.5.0.27 and 4.1.x before 4.1.1.2 and Spectrum Scale 4.1.1.x before 4.1.1.2 allow local users to obtain root privileges for command execution via. Rated high severity (CVSS 7.2), this vulnerability is low attack complexity. This Command Injection vulnerability could allow attackers to inject arbitrary commands into system command execution.

IBM Command Injection General Parallel File System Spectrum Scale
NVD
CVSS 2.0
7.2
EPSS
0.1%
CVE-2015-1890 LOW PATCH Monitor

/usr/lpp/mmfs/bin/gpfs.snap in IBM General Parallel File System (GPFS) 4.1 before 4.1.0.7 produces an archive potentially containing cleartext keys, and lacks a warning about reviewing this archive. Rated low severity (CVSS 3.5), this vulnerability is remotely exploitable. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

IBM Information Disclosure General Parallel File System
NVD
CVSS 2.0
3.5
EPSS
0.2%
CVE-2015-0199 MEDIUM PATCH This Month

The mmfslinux kernel module in IBM General Parallel File System (GPFS) 3.4 before 3.4.0.32, 3.5 before 3.5.0.24, and 4.1 before 4.1.0.7 allows local users to cause a denial of service (memory. Rated medium severity (CVSS 4.9), this vulnerability is low attack complexity.

IBM Denial Of Service Buffer Overflow General Parallel File System
NVD
CVSS 2.0
4.9
EPSS
0.2%
CVE-2015-0198 CRITICAL PATCH Act Now

IBM General Parallel File System (GPFS) 3.4 before 3.4.0.32, 3.5 before 3.5.0.24, and 4.1 before 4.1.0.7 in certain cipherList configurations allows remote attackers to bypass authentication and. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. This Improper Authentication vulnerability could allow attackers to bypass authentication mechanisms to gain unauthorized access.

IBM Authentication Bypass General Parallel File System
NVD
CVSS 2.0
10.0
EPSS
1.3%
CVE-2015-0197 HIGH PATCH This Week

IBM General Parallel File System (GPFS) 3.4 before 3.4.0.32, 3.5 before 3.5.0.24, and 4.1 before 4.1.0.7 allows local users to obtain root privileges for program execution via unspecified vectors. Rated high severity (CVSS 7.2), this vulnerability is low attack complexity.

IBM Privilege Escalation General Parallel File System
NVD
CVSS 2.0
7.2
EPSS
0.3%
CVE-2014-0834 MEDIUM This Month

IBM General Parallel File System (GPFS) 3.4 through 3.4.0.27 and 3.5 through 3.5.0.16 allows attackers to cause a denial of service (daemon crash) via crafted arguments to a setuid program. Rated medium severity (CVSS 4.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service IBM General Parallel File System
NVD
CVSS 2.0
4.0
EPSS
0.7%
EPSS 0% CVSS 7.8
HIGH This Week

A vulnerability in GSKit affects IBM Spectrum Scale 4.1.1, 4.2.0, 4.2.1, 4.2.3, and 5.0.0 that could allow a local attacker to obtain control of the Spectrum Scale daemon and to access and modify. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

IBM Information Disclosure General Parallel File System +1
NVD
EPSS 4% CVSS 7.2
HIGH PATCH This Week

IBM General Parallel File System is vulnerable to a buffer overflow. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity.

Buffer Overflow RCE IBM +2
NVD
EPSS 0% CVSS 7.0
HIGH This Week

IBM Spectrum Scale 4.1.1.x before 4.1.1.8 and 4.2.x before 4.2.0.4 and General Parallel File System (GPFS) 3.5.x before 3.5.0.32 and 4.1.x before 4.1.1.8 allow local users to gain privileges via. Rated high severity (CVSS 7.0). No vendor patch available.

IBM Privilege Escalation Spectrum Scale +1
NVD
EPSS 0% CVSS 7.0
HIGH This Week

IBM Spectrum Scale 4.1.1.x before 4.1.1.8 and 4.2.x before 4.2.0.4 and General Parallel File System (GPFS) 3.5.x before 3.5.0.32 and 4.1.x before 4.1.1.8 allow local users to gain privileges via. Rated high severity (CVSS 7.0). No vendor patch available.

IBM Privilege Escalation Spectrum Scale +1
NVD
EPSS 0% CVSS 6.5
MEDIUM PATCH This Month

IBM General Parallel File System (GPFS) 3.5 before 3.5.0.29 efix 6 and 4.1.1 before 4.1.1.4 efix 9, when the Spectrum Scale GUI is used with DB2 on Linux, UNIX and Windows, allows remote. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity.

IBM Information Disclosure Microsoft +1
NVD
EPSS 0% CVSS 4.0
MEDIUM This Month

IBM Spectrum Scale 4.1.1.x before 4.1.1.3 and General Parallel File System (GPFS) 3.5.x before 3.5.0.29 and 4.1.x through 4.1.0.8 on AIX allow local users to cause a denial of service (incorrect. Rated medium severity (CVSS 4.0), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

IBM Denial Of Service General Parallel File System +1
NVD
EPSS 0% CVSS 2.1
LOW PATCH Monitor

IBM General Parallel File System (GPFS) 3.5.x before 3.5.0.27 and 4.1.x before 4.1.1.2 and Spectrum Scale 4.1.1.x before 4.1.1.2 allow local users to obtain sensitive information from system memory. Rated low severity (CVSS 2.1), this vulnerability is low attack complexity. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

IBM Information Disclosure General Parallel File System +1
NVD
EPSS 0% CVSS 7.2
HIGH PATCH This Week

IBM General Parallel File System (GPFS) 3.5.x before 3.5.0.27 and 4.1.x before 4.1.1.2 and Spectrum Scale 4.1.1.x before 4.1.1.2 allow local users to obtain root privileges for command execution via. Rated high severity (CVSS 7.2), this vulnerability is low attack complexity. This Command Injection vulnerability could allow attackers to inject arbitrary commands into system command execution.

IBM Command Injection General Parallel File System +1
NVD
EPSS 0% CVSS 3.5
LOW PATCH Monitor

/usr/lpp/mmfs/bin/gpfs.snap in IBM General Parallel File System (GPFS) 4.1 before 4.1.0.7 produces an archive potentially containing cleartext keys, and lacks a warning about reviewing this archive. Rated low severity (CVSS 3.5), this vulnerability is remotely exploitable. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

IBM Information Disclosure General Parallel File System
NVD
EPSS 0% CVSS 4.9
MEDIUM PATCH This Month

The mmfslinux kernel module in IBM General Parallel File System (GPFS) 3.4 before 3.4.0.32, 3.5 before 3.5.0.24, and 4.1 before 4.1.0.7 allows local users to cause a denial of service (memory. Rated medium severity (CVSS 4.9), this vulnerability is low attack complexity.

IBM Denial Of Service Buffer Overflow +1
NVD
EPSS 1% CVSS 10.0
CRITICAL PATCH Act Now

IBM General Parallel File System (GPFS) 3.4 before 3.4.0.32, 3.5 before 3.5.0.24, and 4.1 before 4.1.0.7 in certain cipherList configurations allows remote attackers to bypass authentication and. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. This Improper Authentication vulnerability could allow attackers to bypass authentication mechanisms to gain unauthorized access.

IBM Authentication Bypass General Parallel File System
NVD
EPSS 0% CVSS 7.2
HIGH PATCH This Week

IBM General Parallel File System (GPFS) 3.4 before 3.4.0.32, 3.5 before 3.5.0.24, and 4.1 before 4.1.0.7 allows local users to obtain root privileges for program execution via unspecified vectors. Rated high severity (CVSS 7.2), this vulnerability is low attack complexity.

IBM Privilege Escalation General Parallel File System
NVD
EPSS 1% CVSS 4.0
MEDIUM This Month

IBM General Parallel File System (GPFS) 3.4 through 3.4.0.27 and 3.5 through 3.5.0.16 allows attackers to cause a denial of service (daemon crash) via crafted arguments to a setuid program. Rated medium severity (CVSS 4.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service IBM General Parallel File System
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy