CVE-2022-40607

IBM Spectrum Scale 5.1 could allow users with permissions to create pod, persistent volume and persistent volume claim to access files and directories outside of the volume, including on the host filesystem. IBM X-Force ID: 235740.

Published: Dec 19, 2022
Updated: Nov 8, 2023
CVE: CVE-2022-40607
Severity: Medium
Exploit:

CVSS v3:

Severity: Medium
Score: 6.8
AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N

CWEs:

CWE-22

OWASP TOP 10:

A5 - Broken Access Control

Affected Software
References

Software	From	Fixed in
ibm / spectrum_scale	-	5.1.4.0.x

https://exchange.xforce.ibmcloud.com/vulnerabilities/235740
https://www.ibm.com/support/pages/node/6848231

Vulnerability Database

289,697

CVE-2022-40607