CVE-2022-41739 HIGH

CVE-2022-41739: IBM Spectrum Scale privilege escalation

Vendor Ibm
Product Spectrum Scale Container Native Storage Access
Published April 26, 2023
Last update January 31, 2025

CVSS base score

7.9/10
Attack vector Local
Attack complexity Low
Privileges required None
User interaction None
Confidentiality Low
Integrity High

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:L/I:H/A:N

What the vulnerability does

01Description

IBM Spectrum Scale (IBM Spectrum Scale Container Native Storage Access 5.1.2.1 through 5.1.6.0) could allow programs running inside the container to overcome isolation mechanism and gain additional capabilities or access sensitive information on the host. IBM X-Force ID: 237815.

Key dates

02Disclosure timeline

April 26, 2023 CVE published
January 31, 2025 Record updated