CVE-2015-0198

IBM General Parallel File System - Authentication Bypass

Title source: rule

Description

IBM General Parallel File System (GPFS) 3.4 before 3.4.0.32, 3.5 before 3.5.0.24, and 4.1 before 4.1.0.7 in certain cipherList configurations allows remote attackers to bypass authentication and execute arbitrary programs as root via unspecified vectors.

References (4)

[Patch, Vendor Advisory] http://www-01.ibm.com/support/docview.wss?uid=isg3T1022062

[Various Sources] http://www-304.ibm.com/support/docview.wss?uid=swg21902662

[Third Party Advisory, VDB Entry] http://www.securitytracker.com/id/1032880

[Third Party Advisory, VDB Entry] http://www.securityfocus.com/bid/73278

Scores

EPSS 0.0127

EPSS Percentile 79.3%

Classification

CWE

CWE-287

Status draft

Affected Products (3)

ibm/general_parallel_file_system

Timeline

Published Mar 24, 2015

Tracked Since Feb 18, 2026