Security Bulletin: IBM Spectrum Scale for IBM Elastic Storage Server is affected where the local attacker can obtain root privilege by injecting parameters into setuid files (CVE-2019-4558)

The Elastic Storage Server is affected by a vulnerability in IBM Spectrum Scale in which a local attacker can obtain root privileges by injecting parameters into setuid files. A fix for this vulnerability is available.

Affected product(s) and affected version(s):

The Elastic Storage Server 5.3.0 through 5.3.4.1
The Elastic Storage Server 5.0.0 through 5.2.7.0
The Elastic Storage Server 4.5.0 through 4.6.0.0
The Elastic Storage Server 4.0.0 through 4.0.6.0

Refer to the following reference URLs for remediation and additional vulnerability details:  
Source Bulletin: https://www.ibm.com/support/pages/node/1118991

The post Security Bulletin: IBM Spectrum Scale for IBM Elastic Storage Server is affected where the local attacker can obtain root privilege by injecting parameters into setuid files (CVE-2019-4558) appeared first on IBM PSIRT Blog.


