IBM Security Bulletin: A vulnerability has been identified in IBM Spectrum Scale that could allow a local unprivileged user access to information located in dump files. User data could be sent to IBM during service engagements (CVE-2017-1654)

A vulnerability has been identified in IBM Spectrum Scale that could allow a local unprivileged user access to information located in dump files. User data could be sent to IBM during service engagements (CVE-2017-1654).

CVE(s): CVE-2017-1654

Affected product(s) and affected version(s):

IBM Spectrum Scale V5.0.0

IBM Spectrum Scale V4.2.3.0 thru V4.2.3.6

IBM Spectrum Scale V4.2.2.0 thru V4.2.2.3

IBM Spectrum Scale V4.2.1.0 thru V4.2.1.2

IBM Spectrum Scale V4.2.0.0 thru V4.2.0.4

IBM Spectrum Scale V4.1.1.0 thru V4.1.1.18

IBM General Parallel File System V4.1.0.0 thru V4.1.0.8

Refer to the following reference URLs for remediation and additional vulnerability details:
Source Bulletin: http://www-01.ibm.com/support/docview.wss?uid=ssg1S1010869
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/133378

The post IBM Security Bulletin: A vulnerability has been identified in IBM Spectrum Scale that could allow a local unprivileged user access to information located in dump files. User data could be sent to IBM during service engagements (CVE-2017-1654) appeared first on IBM PSIRT Blog.

from IBM Product Security Incident Response Team http://ift.tt/2GKyDUv