CVE-2015-7403
CVE-2015-7403 is a medium-severity vulnerability in Ibm General Parallel File System with a CVSS 3.x base score of 4.0. It is not currently listed as actively exploited by CISA, and its EPSS exploit-prediction score is low.
Key facts
- Severity: Medium (CVSS 3.x base score 4.0)
- CVSS v2: 2.1
- EPSS exploit prediction: 0% (28th percentile)
- Actively exploited: Not listed in CISA KEV
- Affected product: Ibm General Parallel File System
- Published:
- Last modified:
Description
IBM Spectrum Scale 4.1.1.x before 4.1.1.3 and General Parallel File System (GPFS) 3.5.x before 3.5.0.29 and 4.1.x through 4.1.0.8 on AIX allow local users to cause a denial of service (incorrect pointer dereference and node crash) via unspecified vectors.
Frequently asked questions
- What is CVE-2015-7403?
- IBM Spectrum Scale 4.1.1.x before 4.1.1.3 and General Parallel File System (GPFS) 3.5.x before 3.5.0.29 and 4.1.x through 4.1.0.8 on AIX allow local users to cause a denial of service (incorrect pointer dereference and node crash) via unspecified vectors.
- How severe is CVE-2015-7403?
- CVE-2015-7403 has a CVSS 3.x base score of 4.0, rated medium severity. It is exploitable over local access with low attack complexity, requires no privileges and no user interaction. Impact on confidentiality is none, integrity none, and availability low.
- Is CVE-2015-7403 being actively exploited?
- It is not currently listed in CISA's KEV catalog. Its EPSS exploit-prediction score is 0% (28th percentile), an estimate of the probability of exploitation in the next 30 days.
- What products are affected by CVE-2015-7403?
- CVE-2015-7403 primarily affects Ibm General Parallel File System. In total, 4 product configurations (CPEs) are listed as vulnerable; see the affected-products list for the exact versions.
- How do I fix CVE-2015-7403?
- Review the linked vendor and NVD advisories for patched versions and mitigations, then upgrade or apply the recommended workaround.
- When was CVE-2015-7403 published?
- CVE-2015-7403 was published on 2016-01-02 and last updated on 2026-06-17.
References
- http://www-01.ibm.com/support/docview.wss?uid=ssg1S1005452
- http://www-01.ibm.com/support/docview.wss?uid=swg21972152
- http://www.securityfocus.com/bid/79805
- http://www.securitytracker.com/id/1035094
Affected products (4)
- cpe:2.3:a:ibm:general_parallel_file_system:3.5:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:spectrum_scale:4.1.1.0:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:spectrum_scale:4.1.1.1:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:spectrum_scale:4.1.1.2:*:*:*:*:*:*:*
More vulnerabilities in Ibm General Parallel File System
- CVE-2015-0198 — Critical (CVSS 10.0): IBM General Parallel File System (GPFS) 3.4 before 3.4.0.32, 3.5 before 3.5.0.24, and 4.1 before 4.1.0.7 in certain…
- CVE-2018-1431 — High (CVSS 7.4): A vulnerability in GSKit affects IBM Spectrum Scale 4.1.1, 4.2.0, 4.2.1, 4.2.3, and 5.0.0 that could allow a local…
- CVE-2016-6115 — High (CVSS 7.2): IBM General Parallel File System is vulnerable to a buffer overflow. A remote authenticated attacker could overflow a…
- CVE-2015-4974 — High (CVSS 7.2): IBM General Parallel File System (GPFS) 3.5.x before 3.5.0.27 and 4.1.x before 4.1.1.2 and Spectrum Scale 4.1.1.x…
- CVE-2015-0197 — High (CVSS 7.2): IBM General Parallel File System (GPFS) 3.4 before 3.4.0.32, 3.5 before 3.5.0.24, and 4.1 before 4.1.0.7 allows local…
- CVE-2016-2985 — High (CVSS 7.0): IBM Spectrum Scale 4.1.1.x before 4.1.1.8 and 4.2.x before 4.2.0.4 and General Parallel File System (GPFS) 3.5.x before…