CVE-2015-1890

/usr/lpp/mmfs/bin/gpfs.snap in IBM General Parallel File System (GPFS) 4.1 before 4.1.0.7 produces an archive potentially containing cleartext keys, and lacks a warning about reviewing this archive to detect included keys, which might allow remote attackers to obtain sensitive information by leveraging access to a technical-support data stream.

Published: Apr 6, 2015
Updated: Apr 13, 2023
CVE: CVE-2015-1890
Severity: Low
Exploit:

CVSS v2:

Severity: Low
Score: 3.5
AV:N/AC:M/Au:S/C:P/I:N/A:N

CWEs:

CWE-200

Affected Software
References

Software	From	Fixed in
ibm / general_parallel_file_system	4.1	4.1.x

http://www.ibm.com/support/docview.wss?uid=isg3T1022077
http://www.securityfocus.com/bid/73918

Vulnerability Database

290,206

CVE-2015-1890