CVE-2015-0198

IBM General Parallel File System (GPFS) 3.4 before 3.4.0.32, 3.5 before 3.5.0.24, and 4.1 before 4.1.0.7 in certain cipherList configurations allows remote attackers to bypass authentication and execute arbitrary programs as root via unspecified vectors.

Published: Mar 24, 2015
Updated: Apr 13, 2023
CVE: CVE-2015-0198
Severity: High
Exploit:

CVSS v2:

Severity: High
Score: 10
AV:N/AC:L/Au:N/C:C/I:C/A:C

CWEs:

CWE-287

OWASP TOP 10:

A2 - Broken Authentication

Affected Software
References

Software	From	Fixed in
ibm / general_parallel_file_system	4.1	4.1.x
ibm / general_parallel_file_system	3.5	3.5.x
ibm / general_parallel_file_system	3.4	3.4.x

http://www-01.ibm.com/support/docview.wss?uid=isg3T1022062
http://www-304.ibm.com/support/docview.wss?uid=swg21902662
http://www.securityfocus.com/bid/73278
http://www.securitytracker.com/id/1032880

Vulnerability Database

290,206

CVE-2015-0198