Vulnerability Details CVE-2016-0392
IBM General Parallel File System (GPFS) in GPFS Storage Server 2.0.0 through 2.0.7 and Elastic Storage Server 2.5.x through 2.5.5, 3.x before 3.5.5, and 4.x before 4.0.3, as distributed in Spectrum Scale RAID, allows local users to gain privileges via a crafted parameter to a setuid program.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 29.0%
CVSS Severity
CVSS v3 Score 8.4
CVSS v2 Score 4.6
References
- http://packetstormsecurity.com/files/137373/IBM-GPFS-Spectrum-Scale-Command-Injection.html
- http://www-01.ibm.com/support/docview.wss?uid=ssg1S1005875
- http://www-01.ibm.com/support/docview.wss?uid=swg1IV84206
- http://www.securityfocus.com/archive/1/538620/100/0/threaded
- http://www.securityfocus.com/bid/91082
- http://www.securitytracker.com/id/1036458
- http://packetstormsecurity.com/files/137373/IBM-GPFS-Spectrum-Scale-Command-Injection.html
- http://www-01.ibm.com/support/docview.wss?uid=ssg1S1005875
- http://www-01.ibm.com/support/docview.wss?uid=swg1IV84206
- http://www.securityfocus.com/archive/1/538620/100/0/threaded
- http://www.securityfocus.com/bid/91082
- http://www.securitytracker.com/id/1036458
Products affected by CVE-2016-0392
-
cpe:2.3:a:ibm:elastic_storage_server:2.5.0
-
cpe:2.3:a:ibm:elastic_storage_server:2.5.1
-
cpe:2.3:a:ibm:elastic_storage_server:2.5.2
-
cpe:2.3:a:ibm:elastic_storage_server:2.5.3
-
cpe:2.3:a:ibm:elastic_storage_server:2.5.4
-
cpe:2.3:a:ibm:elastic_storage_server:2.5.5
-
cpe:2.3:a:ibm:elastic_storage_server:3.0.0
-
cpe:2.3:a:ibm:elastic_storage_server:3.0.1
-
cpe:2.3:a:ibm:elastic_storage_server:3.0.2
-
cpe:2.3:a:ibm:elastic_storage_server:3.0.3
-
cpe:2.3:a:ibm:elastic_storage_server:3.0.4
-
cpe:2.3:a:ibm:elastic_storage_server:3.0.5
-
cpe:2.3:a:ibm:elastic_storage_server:3.5.0
-
cpe:2.3:a:ibm:elastic_storage_server:3.5.1
-
cpe:2.3:a:ibm:elastic_storage_server:3.5.2
-
cpe:2.3:a:ibm:elastic_storage_server:3.5.3
-
cpe:2.3:a:ibm:elastic_storage_server:3.5.4
-
cpe:2.3:a:ibm:elastic_storage_server:4.0.0
-
cpe:2.3:a:ibm:elastic_storage_server:4.0.1
-
cpe:2.3:a:ibm:elastic_storage_server:4.0.2
-
cpe:2.3:a:ibm:general_parallel_file_system_storage_server:2.0.0
-
cpe:2.3:a:ibm:general_parallel_file_system_storage_server:2.0.1
-
cpe:2.3:a:ibm:general_parallel_file_system_storage_server:2.0.2
-
cpe:2.3:a:ibm:general_parallel_file_system_storage_server:2.0.3
-
cpe:2.3:a:ibm:general_parallel_file_system_storage_server:2.0.4
-
cpe:2.3:a:ibm:general_parallel_file_system_storage_server:2.0.5
-
cpe:2.3:a:ibm:general_parallel_file_system_storage_server:2.0.6
-
cpe:2.3:a:ibm:general_parallel_file_system_storage_server:2.0.7