First published: Fri Oct 05 2018(Updated: )
IBM GPFS (IBM Spectrum Scale 4.1.1.0, 4.1.1.20, 4.2.0.0, 4.2.3.10, 5.0.0 and 5.0.1.2) command line utility allows an unprivileged, authenticated user with access to a GPFS node to forcefully terminate GPFS and deny access to data available through GPFS. IBM X-Force ID: 148806.
Credit: psirt@us.ibm.com
Affected Software | Affected Version | How to fix |
---|---|---|
IBM Spectrum Scale | >=4.1.0.0<=4.1.1.20 | |
IBM Spectrum Scale | >=4.2.0.0<=4.2.3.10 | |
IBM Spectrum Scale | >=5.0.0.0<=5.0.1.2 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2018-1783 is classified as a moderate severity vulnerability that allows an unprivileged user to disrupt GPFS services.
To fix CVE-2018-1783, upgrade to the latest version of IBM Spectrum Scale that includes security patches addressing this vulnerability.
CVE-2018-1783 affects users of IBM Spectrum Scale versions 4.1.1.0 to 4.1.1.20, 4.2.0.0 to 4.2.3.10, and 5.0.0 to 5.0.1.2.
The risks of CVE-2018-1783 include potential denial of service attacks that can compromise data access on GPFS.
As of the last update, there have been no confirmed reports of active exploitation of CVE-2018-1783 in the wild.