CVE-2021-29740

HIGH

IBM Spectrum Scale 5.0.0-5.0.5.6 and 5.1.0-5.1.0.3 - Format String Vulnerability

Title source: llm
STIX 2.1

Description

IBM Spectrum Scale 5.0.0 through 5.0.5.6 and 5.1.0 through 5.1.0.3 system core component is affected by a format string security vulnerability. An attacker could execute arbitrary code in the context of process memory, potentially escalating their system privileges and taking control over the entire system with root access. IBM X-Force ID: 201474.

References (2)

Core 2
Core References
Vendor Advisory x_refsource_confirm
https://www.ibm.com/support/pages/node/6457629
VDB Entry, Vendor Advisory vdb-entry x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/201474

Scores

CVSS v3 7.8
EPSS 0.0033
EPSS Percentile 24.5%
Attack Vector LOCAL
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Details

CWE
CWE-134
Status published
Products (1)
ibm/spectrum_scale 5.0.0.0 - 5.0.5.7
Published Jun 01, 2021
Tracked Since Feb 18, 2026