Lucene search

IbmCVELIST:CVE-2021-38882

HistoryNov 16, 2021 - 4:55 p.m.

CVE-2021-38882

2021-11-1616:55:16

ibm

www.cve.org

ibm spectrum scale

admin access

vulnerability

CVSS3

4.4

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

HIGH

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

HIGH

Availability Impact

NONE

CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N/E:U/RL:O/RC:C

AI Score

4.6

Confidence

High

EPSS

Percentile

12.6%

JSON

IBM Spectrum Scale 5.1.0 through 5.1.1.1 could allow a privileged admin to destroy filesystem audit logging records before expiration time. IBM X-Force ID: 209164.

CNA Affected

[
  {
    "product": "Spectrum Scale",
    "vendor": "IBM",
    "versions": [
      {
        "status": "affected",
        "version": "5.1.0"
      },
      {
        "status": "affected",
        "version": "5.1.1.1"
      }
    ]
  }
]

References

exchange.xforce.ibmcloud.com/vulnerabilities/209164

www.ibm.com/support/pages/node/6516426

CVSS3

4.4

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

HIGH

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

HIGH

Availability Impact

NONE

CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N/E:U/RL:O/RC:C

AI Score

4.6

Confidence

High

EPSS

Percentile

12.6%

JSON

Related for CVELIST:CVE-2021-38882