This security bulletin contains one medium risk vulnerability.
Exploit availability: NoDescription
The vulnerability allows a remote attacker to compromise the target system.
The vulnerability exists due to the DCE/RPC fragment injection issue. A remote attacker can replace subsequent fragments in requests with their own data and alter the server behavior.Mitigation
Install update from vendor's website.Vulnerable software versions
IBM Spectrum Scale: 220.127.116.11 - 18.104.22.168
Can this vulnerability be exploited remotely?
Is there known malware, which exploits this vulnerability?