CVE-2022-43869 MEDIUM

CVE-2022-43869: IBM Spectrum Scale denial of service

Vendor Ibm
Product Elastic Storage System
Weakness CWE-134
Published February 8, 2023
Last update March 25, 2025

CVSS base score

6.5/10
Attack vector Network
Attack complexity Low
Privileges required Low
User interaction None
Confidentiality None
Integrity None

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

What the vulnerability does

01Description

IBM Spectrum Scale (5.1.0.0 through 5.1.2.8 and 5.1.3.0 through 5.1.5.1) and IBM Elastic Storage System (6.1.0.0 through 6.1.2.4 and 6.1.3.0 through 6.1.4.1) could allow an authenticated user to cause a denial of service through the GUI using a format string attack. IBM X-Force ID: 239539.

Key dates

02Disclosure timeline

February 8, 2023 CVE published
March 25, 2025 Record updated