beegfs-ctl in ThinkParQ BeeGFS through 7.1.3 allows Authentication Bypass via communication with a BeeGFS metadata server (which is typically not exposed to external networks).
References
Link | Resource |
---|---|
http://packetstormsecurity.com/files/155573/BeeGFS-7.1.3-Privilege-Escalation.html | Mitigation Third Party Advisory VDB Entry |
https://seclists.org/bugtraq/2019/Dec/7 | Mailing List Mitigation Third Party Advisory |
https://www.hpcsec.com/2019/12/04/cve-2019-15897/ | Mitigation Third Party Advisory |
Configurations
History
No history.
Information
Published : 2019-12-05 16:15
Updated : 2020-08-24 17:37
NVD link : CVE-2019-15897
Mitre link : CVE-2019-15897
CVE.ORG link : CVE-2019-15897
JSON object : View
Products Affected
thinkparq
- beegfs
CWE
CWE-287
Improper Authentication