CVE-2021-29740 — Vulnetix

CVE-2021-29740 PUBLISHED CVSS 8.399999618530273 HIGH

IBM Spectrum Scale 5.0.0 through 5.0.5.6 and 5.1.0 through 5.1.0.3 system core component is affected by a format string security vulnerability. An attacker could execute arbitrary code in the context of process memory, potentially escalating their system privileges and taking control over the entire system with root access. IBM X-Force ID: 201474.

EPSS 0.07% · 22.3th percentile

Risk Scores

CVSS v3.0

8.399999618530273

CVSS:3.0/I:H/S:U/AC:L/A:H/PR:N/C:H/AV:L/UI:N/RL:O/E:U/RC:C

EPSS Score

0.07%

22.3th percentile

Affected Products

Vendor	Product	Versions
IBM	Spectrum Scale	5.0.0, 5.0.5.6, 5.1.0.3
ibm	spectrum_scale	5.0.0.0, 5.1.0

Timeline

Jun 1, 2021 CVE Published
Jun 2, 2021 EPSS Score
Jun 8, 2021 EPSS Score
Jun 13, 2021 EPSS Score
Oct 4, 2021 EPSS Score
Dec 4, 2021 EPSS Score
Jan 6, 2022 EPSS Score
Feb 3, 2022 EPSS Score
Feb 4, 2022 EPSS Score
Apr 5, 2022 EPSS Score
Jun 5, 2022 EPSS Score
Aug 6, 2022 EPSS Score

References

https://www.ibm.com/support/pages/node/6457629 url
ibm-spectrum-cve202129740-priv-escalation (201474) vdb
https://nvd.nist.gov/vuln/detail/CVE-2021-29740 advisory
https://www.ibm.com/support/pages/node/6457727 advisory
https://www.ibm.com/support/pages/node/6457777 advisory

Open in Interactive Console →