The Elastic Storage Server is affected by a vulnerability in IBM Spectrum Scale which could allow an unprivileged, authenticated user with access to a GPFS node to forcefully terminate GPFS and deny access to data available through GPFS (CVE-2018-1783).
CVE(s): CVE-2018-1783
Affected product(s) and affected version(s):
The Elastic Storage Server 5.3 thru 5.3.1.1
The Elastic Storage Server 5.0.0 thru 5.2.3
The Elastic Storage Server 4.5.0 thru 4.6.0
The Elastic Storage Server 4.0.0 thru 4.0.6
The Elastic Storage Server 3.5.0 thru 3.5.6
The Elastic Storage Server 3.0.0 thru 3.0.5
The Elastic Storage Server 2.5.0 thru 2.5.5
Refer to the following reference URLs for remediation and additional vulnerability details:
Source Bulletin: https://www-01.ibm.com/support/docview.wss?uid=ibm10740139
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/148806
The post IBM Security Bulletin: The Elastic Storage Server is affected by a vulnerability in IBM Spectrum Scale (CVE-2018-1783) appeared first on IBM PSIRT Blog.
from IBM Product Security Incident Response Team https://ift.tt/2QmzR0B
No comments:
Post a Comment
Note: Only a member of this blog may post a comment.