IBM Spectrum Scale 5.1 could allow users with permissions to create pod, persistent volume and persistent volume claim to access files and directories outside of the volume, including on the host filesystem. IBM X-Force ID: 235740.
References
| Link | Resource |
|---|---|
| https://exchange.xforce.ibmcloud.com/vulnerabilities/235740 | VDB Entry Vendor Advisory |
| https://www.ibm.com/support/pages/node/6848231 | Vendor Advisory |
Configurations
Configuration 1 (hide)
| AND |
|
History
07 Nov 2023, 03:52
| Type | Values Removed | Values Added |
|---|---|---|
| Summary | IBM Spectrum Scale 5.1 could allow users with permissions to create pod, persistent volume and persistent volume claim to access files and directories outside of the volume, including on the host filesystem. IBM X-Force ID: 235740. |
23 Dec 2022, 19:36
| Type | Values Removed | Values Added |
|---|---|---|
| References | (MISC) https://exchange.xforce.ibmcloud.com/vulnerabilities/235740 - VDB Entry, Vendor Advisory | |
| References | (MISC) https://www.ibm.com/support/pages/node/6848231 - Vendor Advisory | |
| CWE | CWE-22 | |
| CVSS |
v2 : v3 : |
v2 : unknown
v3 : 6.8 |
| CPE | cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:* cpe:2.3:a:ibm:spectrum_scale:*:*:*:*:*:*:*:* |
|
| First Time |
Ibm
Ibm spectrum Scale Linux Linux linux Kernel |
19 Dec 2022, 20:15
| Type | Values Removed | Values Added |
|---|---|---|
| New CVE |
Information
Published : 2022-12-19 20:15
Updated : 2023-12-10 14:48
NVD link : CVE-2022-40607
Mitre link : CVE-2022-40607
CVE.ORG link : CVE-2022-40607
JSON object : View
Products Affected
linux
- linux_kernel
ibm
- spectrum_scale
CWE
CWE-22
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')