Vulnerability CVE-2016-2984 - CERT Civis.Net

Vulnerability Name:

CVE-2016-2984 (CCN-114000)

Assigned:

2016-08-04

Published:

2016-08-04

Updated:

2016-11-28

Summary:

IBM Spectrum Scale 4.1.1.x before 4.1.1.8 and 4.2.x before 4.2.0.4 and General Parallel File System (GPFS) 3.5.x before 3.5.0.32 and 4.1.x before 4.1.1.8 allow local users to gain privileges via crafted command-line parameters to a /usr/lpp/mmfs/bin/ setuid program.

CVSS v3 Severity:

7.0 High (CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H)
6.1 Medium (Temporal CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C)

Exploitability Metrics:	Attack Vector (AV): Local Attack Complexity (AC): High Privileges Required (PR): Low User Interaction (UI): None
Scope:	Scope (S): Unchanged
Impact Metrics:	Confidentiality (C): High Integrity (I): High Availibility (A): High

7.4 High (CCN CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H)
6.4 Medium (CCN Temporal CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C)

Exploitability Metrics:	Attack Vector (AV): Local Attack Complexity (AC): High Privileges Required (PR): None User Interaction (UI): None
Scope:	Scope (S): Unchanged
Impact Metrics:	Confidentiality (C): High Integrity (I): High Availibility (A): High

CVSS v2 Severity:

6.9 Medium (CVSS v2 Vector: AV:L/AC:M/Au:N/C:C/I:C/A:C)

Exploitability Metrics:	Access Vector (AV): Local Access Complexity (AC): Medium Authentication (Au): None
Impact Metrics:	Confidentiality (C): Complete Integrity (I): Complete Availibility (A): Complete

6.2 Medium (CCN CVSS v2 Vector: AV:L/AC:H/Au:N/C:C/I:C/A:C)

Exploitability Metrics:	Access Vector (AV): Local Access Complexity (AC): High Athentication (Au): None
Impact Metrics:	Confidentiality (C): Complete Integrity (I): Complete Availibility (A): Complete

Vulnerability Type:

Vulnerability Consequences:

Gain Privileges

References:

Source: MITRE
Type: CNA
CVE-2016-2984

Source: CONFIRM
Type: Vendor Advisory
http://www-01.ibm.com/support/docview.wss?uid=ssg1S1007994

Source: CCN
Type: IBM Security Bulletin T1023945 (General Parallel File System)
IBM Spectrum Scale and IBM GPFS are affected by security vulnerabilities (CVE-2016-2985 and CVE-2016-2984)

Source: CCN
Type: IBM Security Bulletin T1024336 (GPFS Native RAID for GPFS Storage Server/Elastic Storage Server)
The Elastic Storage Server and the GPFS Storage Server are affected by a vulnerability in IBM Spectrum Scale (CVE-2016-2985 and CVE-2016-2984)

Source: CCN
Type: IBM Security Bulletin S1007994 (Spectrum Scale)
IBM Spectrum Scale and IBM GPFS are affected by security vulnerabilities (CVE-2016-2985 and CVE-2016-2984)

Source: CCN
Type: IBM Security Bulletin S1009243 (Storage Management)
The Elastic Storage Server and the GPFS Storage Server are affected by a vulnerability in IBM Spectrum Scale (CVE-2016-2985 and CVE-2016-2984)

Source: CCN
Type: IBM Security Bulletin S1009323 (Scale Out Network Attached Storage)
GPFS security vulnerabilities in IBM SONAS (CVE-2016-2985 and CVE-2016-2984 )

Source: CCN
Type: IBM Security Bulletin S1009324 (Storwize V7000 Unified (2073))
GPFS security vulnerabilities in IBM Storwize V7000 Unified (CVE-2016-2985 and CVE-2016-2984)

Source: CCN
Type: IBM Security Bulletin 1988929 (PureApplication System)
The GPFS pattern provided with IBM PureApplication System is affected by security vulnerabilities. (CVE-2016-2985 and CVE-2016-2984)

Source: CCN
Type: IBM Security Bulletin 1989842 (DB2 for Linux, UNIX and Windows)
IBM DB2 LUW on AIX and Linux Affected by Multiple Vulnerabilities in GPFS (CVE-2016-2984, CVE-2016-2985).

Source: BID
Type: UNKNOWN
92410

Source: CCN
Type: BID-92410
IBM Spectrum Scale and IBM GPFS CVE-2016-2984 Local Command Execution Vulnerability

Source: XF
Type: UNKNOWN
ibm-gpfs-cve20162984-priv-escalation(114000)

Vulnerable Configuration:

Configuration 1:

cpe:/a:ibm:spectrum_scale:4.1.1.0:*:*:*:*:*:*:*

OR cpe:/a:ibm:spectrum_scale:4.1.1.1:*:*:*:*:*:*:*

OR cpe:/a:ibm:spectrum_scale:4.1.1.2:*:*:*:*:*:*:*

OR cpe:/a:ibm:spectrum_scale:4.1.1.3:*:*:*:*:*:*:*

OR cpe:/a:ibm:spectrum_scale:4.1.1.4:*:*:*:*:*:*:*

OR cpe:/a:ibm:spectrum_scale:4.1.1.5:*:*:*:*:*:*:*

OR cpe:/a:ibm:spectrum_scale:4.1.1.6:*:*:*:*:*:*:*

OR cpe:/a:ibm:spectrum_scale:4.1.1.7:*:*:*:*:*:*:*

OR cpe:/a:ibm:spectrum_scale:4.1.1.8:*:*:*:*:*:*:*

OR cpe:/a:ibm:spectrum_scale:4.2.0.0:*:*:*:*:*:*:*

OR cpe:/a:ibm:spectrum_scale:4.2.0.1:*:*:*:*:*:*:*

OR cpe:/a:ibm:spectrum_scale:4.2.0.2:*:*:*:*:*:*:*

OR cpe:/a:ibm:spectrum_scale:4.2.0.3:*:*:*:*:*:*:*

Configuration 2:

cpe:/a:ibm:general_parallel_file_system:3.5.0.0:*:*:*:*:*:*:*

OR cpe:/a:ibm:general_parallel_file_system:3.5.0.1:*:*:*:*:*:*:*

OR cpe:/a:ibm:general_parallel_file_system:3.5.0.2:*:*:*:*:*:*:*

OR cpe:/a:ibm:general_parallel_file_system:3.5.0.3:*:*:*:*:*:*:*

OR cpe:/a:ibm:general_parallel_file_system:3.5.0.4:*:*:*:*:*:*:*

OR cpe:/a:ibm:general_parallel_file_system:3.5.0.5:*:*:*:*:*:*:*

OR cpe:/a:ibm:general_parallel_file_system:3.5.0.6:*:*:*:*:*:*:*

OR cpe:/a:ibm:general_parallel_file_system:3.5.0.7:*:*:*:*:*:*:*

OR cpe:/a:ibm:general_parallel_file_system:3.5.0.8:*:*:*:*:*:*:*

OR cpe:/a:ibm:general_parallel_file_system:3.5.0.9:*:*:*:*:*:*:*

OR cpe:/a:ibm:general_parallel_file_system:3.5.0.10:*:*:*:*:*:*:*

OR cpe:/a:ibm:general_parallel_file_system:3.5.0.11:*:*:*:*:*:*:*

OR cpe:/a:ibm:general_parallel_file_system:3.5.0.12:*:*:*:*:*:*:*

OR cpe:/a:ibm:general_parallel_file_system:3.5.0.13:*:*:*:*:*:*:*

OR cpe:/a:ibm:general_parallel_file_system:3.5.0.14:*:*:*:*:*:*:*

OR cpe:/a:ibm:general_parallel_file_system:3.5.0.15:*:*:*:*:*:*:*

OR cpe:/a:ibm:general_parallel_file_system:3.5.0.16:*:*:*:*:*:*:*

OR cpe:/a:ibm:general_parallel_file_system:3.5.0.17:*:*:*:*:*:*:*

OR cpe:/a:ibm:general_parallel_file_system:3.5.0.18:*:*:*:*:*:*:*

OR cpe:/a:ibm:general_parallel_file_system:3.5.0.19:*:*:*:*:*:*:*

OR cpe:/a:ibm:general_parallel_file_system:3.5.0.20:*:*:*:*:*:*:*

OR cpe:/a:ibm:general_parallel_file_system:3.5.0.21:*:*:*:*:*:*:*

OR cpe:/a:ibm:general_parallel_file_system:3.5.0.22:*:*:*:*:*:*:*

OR cpe:/a:ibm:general_parallel_file_system:3.5.0.23:*:*:*:*:*:*:*

OR cpe:/a:ibm:general_parallel_file_system:3.5.0.24:*:*:*:*:*:*:*

OR cpe:/a:ibm:general_parallel_file_system:3.5.0.25:*:*:*:*:*:*:*

OR cpe:/a:ibm:general_parallel_file_system:3.5.0.26:*:*:*:*:*:*:*

OR cpe:/a:ibm:general_parallel_file_system:3.5.0.27:*:*:*:*:*:*:*

OR cpe:/a:ibm:general_parallel_file_system:3.5.0.28:*:*:*:*:*:*:*

OR cpe:/a:ibm:general_parallel_file_system:3.5.0.29:*:*:*:*:*:*:*

OR cpe:/a:ibm:general_parallel_file_system:3.5.0.30:*:*:*:*:*:*:*

OR cpe:/a:ibm:general_parallel_file_system:3.5.0.31:*:*:*:*:*:*:*

OR cpe:/a:ibm:general_parallel_file_system:4.1.0.0:*:*:*:*:*:*:*

OR cpe:/a:ibm:general_parallel_file_system:4.1.0.1:*:*:*:*:*:*:*

OR cpe:/a:ibm:general_parallel_file_system:4.1.0.2:*:*:*:*:*:*:*

OR cpe:/a:ibm:general_parallel_file_system:4.1.0.3:*:*:*:*:*:*:*

OR cpe:/a:ibm:general_parallel_file_system:4.1.0.4:*:*:*:*:*:*:*

OR cpe:/a:ibm:general_parallel_file_system:4.1.0.5:*:*:*:*:*:*:*

OR cpe:/a:ibm:general_parallel_file_system:4.1.0.6:*:*:*:*:*:*:*

OR cpe:/a:ibm:general_parallel_file_system:4.1.0.7:*:*:*:*:*:*:*

OR cpe:/a:ibm:general_parallel_file_system:4.1.0.8:*:*:*:*:*:*:*

Configuration CCN 1:

cpe:/a:ibm:spectrum_scale:4.1.1.0:*:*:*:*:*:*:*

OR cpe:/a:ibm:spectrum_scale:4.2.0.0:*:*:*:*:*:*:*

AND

cpe:/a:ibm:pureapplication_system:2.0.0.0:*:*:*:*:*:*:*

OR cpe:/a:ibm:pureapplication_system:2.0.0.1:*:*:*:*:*:*:*

OR cpe:/a:ibm:pureapplication_system:2.1.0.0:*:*:*:*:*:*:*

OR cpe:/a:ibm:pureapplication_system:2.1.0.1:*:*:*:*:*:*:*

OR cpe:/a:ibm:pureapplication_system:2.1.0.2:*:*:*:*:*:*:*

OR cpe:/a:ibm:pureapplication_system:2.1.1.0:*:*:*:*:*:*:*

OR cpe:/a:ibm:pureapplication_system:2.1.2.0:*:*:*:*:*:*:*

OR cpe:/a:ibm:pureapplication_system:2.1.2.1:*:*:*:*:*:*:*

OR cpe:/a:ibm:pureapplication_system:2.2.0.0:*:*:*:*:*:*:*

OR cpe:/a:ibm:pureapplication_system:2.2.1.0:*:*:*:*:*:*:*

OR cpe:/a:ibm:pureapplication_system:2.1.2.3:*:*:*:*:*:*:*

Denotes that component is vulnerable