CVE-2016-6115

high-risk
Published 2017-02-01

IBM General Parallel File System is vulnerable to a buffer overflow. A remote authenticated attacker could overflow a buffer and execute arbitrary code on the system with root privileges or cause the server to crash.

Do I need to act?

~
3.9% chance of exploitation in next 30 days
EPSS score — moderate exploit probability
-
Not on CISA KEV list
No confirmed active exploitation reported to CISA
?
Patch status unknown
Check vendor advisories for fix availability and mitigation guidance
7
CVSS 7.2/10 High
NETWORK / LOW complexity

Affected Products (20)

General Parallel File System
General Parallel File System
General Parallel File System
General Parallel File System
General Parallel File System
General Parallel File System
General Parallel File System
General Parallel File System
General Parallel File System

Affected Vendors

Ibm

References (4)

Patch http://www.ibm.com/support/docview.wss?uid=ssg1S1009639
Third Party Advisory http://www.securityfocus.com/bid/95272
Patch http://www.ibm.com/support/docview.wss?uid=ssg1S1009639
Third Party Advisory http://www.securityfocus.com/bid/95272
55
/ 100
high-risk
Severity 26/34 · High
Exploitability 7/34 · Low
Exposure 22/34 · High