CVE-2015-7403

low-risk

Published 2016-01-02

IBM Spectrum Scale 4.1.1.x before 4.1.1.3 and General Parallel File System (GPFS) 3.5.x before 3.5.0.29 and 4.1.x through 4.1.0.8 on AIX allow local users to cause a denial of service (incorrect pointer dereference and node crash) via unspecified vectors.

Do I need to act?

0.06% chance of exploitation

EPSS score — low exploit probability

Not on CISA KEV list

No confirmed active exploitation reported to CISA

Patch status unknown

Check vendor advisories for fix availability and mitigation guidance

CVSS 4.0/10 Medium

LOCAL / LOW complexity

Affected Products (4)

Spectrum Scale

General Parallel File System

Spectrum Scale

Affected Vendors

Ibm

References (8)

Vendor Advisory http://www-01.ibm.com/support/docview.wss?uid=ssg1S1005452

http://www-01.ibm.com/support/docview.wss?uid=swg21972152

http://www.securityfocus.com/bid/79805

http://www.securitytracker.com/id/1035094

Vendor Advisory http://www-01.ibm.com/support/docview.wss?uid=ssg1S1005452

http://www-01.ibm.com/support/docview.wss?uid=swg21972152

http://www.securityfocus.com/bid/79805

http://www.securitytracker.com/id/1035094

/ 100

low-risk

Severity 14/34 · Moderate

Exploitability 0/34 · Minimal

Exposure 10/34 · Low