CVE-2019-15897
Severity CVSS v4.0:
Pending analysis
Type:
CWE-287
Authentication Issues
Publication date:
05/12/2019
Last modified:
17/06/2026
Description
beegfs-ctl in ThinkParQ BeeGFS through 7.1.3 allows Authentication Bypass via communication with a BeeGFS metadata server (which is typically not exposed to external networks).
Impact
Base Score 3.x
9.60
Severity 3.x
CRITICAL
Base Score 2.0
8.30
Severity 2.0
HIGH
Vulnerable products and versions
| CPE | From | Up to |
|---|---|---|
| cpe:2.3:a:thinkparq:beegfs:*:*:*:*:*:*:*:* | 7.1.3 (including) |
To consult the complete list of CPE names with products and versions, see this page
References to Advisories, Solutions, and Tools
- http://packetstormsecurity.com/files/155573/BeeGFS-7.1.3-Privilege-Escalation.html
- https://seclists.org/bugtraq/2019/Dec/7
- https://www.hpcsec.com/2019/12/04/cve-2019-15897/
- http://packetstormsecurity.com/files/155573/BeeGFS-7.1.3-Privilege-Escalation.html
- https://seclists.org/bugtraq/2019/Dec/7
- https://www.hpcsec.com/2019/12/04/cve-2019-15897/



