SymmetricalDataSecurity: IBM Security Bulletin: IBM Spectrum Scale for IBM Elastic Storage Server is affected by a vulnerability which could allow an unprivileged, authenticated user with access to a GPFS node to read arbitrary files available on this node (CVE-2018-1723)

Tuesday, November 27, 2018

IBM Security Bulletin: IBM Spectrum Scale for IBM Elastic Storage Server is affected by a vulnerability which could allow an unprivileged, authenticated user with access to a GPFS node to read arbitrary files available on this node (CVE-2018-1723)

Nov 27, 2018 8:01 am EST

Share this post:

The Elastic Storage Server are affected by a vulnerability in IBM Spectrum Scale could allow an unprivileged, authenticated user with access to a GPFS node to read arbitrary files available on this node (CVE-2018-1723).

CVE(s): CVE-2018-1723

Affected product(s) and affected version(s):

The Elastic Storage Server 5.3 thru 5.3.1.1
The Elastic Storage Server 5.0.0 thru 5.2.3
The Elastic Storage Server 4.5.0 thru 4.6.0
The Elastic Storage Server 4.0.0 thru 4.0.6

The Elastic Storage Server 3.5.0 thru 3.5.6
The Elastic Storage Server 3.0.0 thru 3.0.5
The Elastic Storage Server 2.5.0 thru 2.5.5

Refer to the following reference URLs for remediation and additional vulnerability details:
Source Bulletin: http://www.ibm.com/support/docview.wss?uid=ibm10740163
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/147373

from IBM Product Security Incident Response Team https://ift.tt/2KC3Lsy

SymmetricalDataSecurity

Tuesday, November 27, 2018

IBM Security Bulletin: IBM Spectrum Scale for IBM Elastic Storage Server is affected by a vulnerability which could allow an unprivileged, authenticated user with access to a GPFS node to read arbitrary files available on this node (CVE-2018-1723)

No comments:

Post a Comment

Blog Archive

Search This Blog

Total Pageviews