IBM Security Bulletin: IBM Spectrum Scale Object Protocols functionality is affected by a security vulnerability in Python (CVE-2017-2592)
IBM Spectrum Scale Object Protocols functionality is affected by a security vulnerability in Python that could allow a local authenticated attacker to obtain sensitive information, caused by including sensitive data in the CatchError class. A local attacker could exploit this vulnerability to obtain sensitive information. (CVE-2017-2592)
CVE(s): CVE-2017-2592
Affected product(s) and affected version(s):
IBM Spectrum Scale V4.2.2.0 thru V4.2.2.3
IBM Spectrum Scale V4.2.1.0 thru V4.2.1.2
Refer to the following reference URLs for remediation and additional vulnerability details:
Source Bulletin: http://ift.tt/2jrVjly
X-Force Database: http://ift.tt/2elEPpE
The post IBM Security Bulletin: IBM Spectrum Scale Object Protocols functionality is affected by a security vulnerability in Python (CVE-2017-2592) appeared first on IBM PSIRT Blog.
from IBM Product Security Incident Response Team http://ift.tt/2ycrTex