Lucene search

[email protected]CVE-2014-3043

HistoryJul 19, 2014 - 5:09 a.m.

CVE-2014-3043

2014-07-1905:09:27

CWE-264

[email protected]

web.nvd.nist.gov

cve-2014-3043

ibm

storwize

v7000

unified

nvd

security

vulnerability

remote access

authentication

6.5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:S/C:P/I:P/A:P

6.5 Medium

AI Score

Confidence

Low

0.002 Low

EPSS

Percentile

60.0%

JSON

IBM Storwize V7000 Unified 1.3.x and 1.4.x before 1.4.3.3 allows remote authenticated users to gain privileges by leveraging access to the service account.

Affected configurations

NVD

Node

ibmstorwize_unified_v7000_softwareMatch1.3.0.0

ibmstorwize_unified_v7000_softwareMatch1.3.1.0

ibmstorwize_unified_v7000_softwareMatch1.4.0.0

ibmstorwize_unified_v7000_softwareMatch1.4.0.1

ibmstorwize_unified_v7000_softwareMatch1.4.0.2

ibmstorwize_unified_v7000_softwareMatch1.4.0.3

ibmstorwize_unified_v7000_softwareMatch1.4.0.4

ibmstorwize_unified_v7000_softwareMatch1.4.0.5

ibmstorwize_unified_v7000_softwareMatch1.4.1.0

ibmstorwize_unified_v7000_softwareMatch1.4.1.1

ibmstorwize_unified_v7000_softwareMatch1.4.2.0

ibmstorwize_unified_v7000_softwareMatch1.4.2.1

ibmstorwize_unified_v7000_softwareMatch1.4.3.0

ibmstorwize_unified_v7000_softwareMatch1.4.3.1

ibmstorwize_unified_v7000_softwareMatch1.4.3.2

AND

ibmstorwize_unified_v7000Match-

CPENameOperatorVersion
ibm:storwize_unified_v7000_softwareibm storwize unified v7000 softwareeq1.3.0.0
ibm:storwize_unified_v7000_softwareibm storwize unified v7000 softwareeq1.3.1.0
ibm:storwize_unified_v7000_softwareibm storwize unified v7000 softwareeq1.4.0.0
ibm:storwize_unified_v7000_softwareibm storwize unified v7000 softwareeq1.4.0.1
ibm:storwize_unified_v7000_softwareibm storwize unified v7000 softwareeq1.4.0.2
ibm:storwize_unified_v7000_softwareibm storwize unified v7000 softwareeq1.4.0.3
ibm:storwize_unified_v7000_softwareibm storwize unified v7000 softwareeq1.4.0.4
ibm:storwize_unified_v7000_softwareibm storwize unified v7000 softwareeq1.4.0.5
ibm:storwize_unified_v7000_softwareibm storwize unified v7000 softwareeq1.4.1.0
ibm:storwize_unified_v7000_softwareibm storwize unified v7000 softwareeq1.4.1.1

CPE	Name	Operator	Version
ibm:storwize_unified_v7000_software	ibm storwize unified v7000 software	eq	1.3.0.0
ibm:storwize_unified_v7000_software	ibm storwize unified v7000 software	eq	1.3.1.0
ibm:storwize_unified_v7000_software	ibm storwize unified v7000 software	eq	1.4.0.0
ibm:storwize_unified_v7000_software	ibm storwize unified v7000 software	eq	1.4.0.1
ibm:storwize_unified_v7000_software	ibm storwize unified v7000 software	eq	1.4.0.2
ibm:storwize_unified_v7000_software	ibm storwize unified v7000 software	eq	1.4.0.3
ibm:storwize_unified_v7000_software	ibm storwize unified v7000 software	eq	1.4.0.4
ibm:storwize_unified_v7000_software	ibm storwize unified v7000 software	eq	1.4.0.5
ibm:storwize_unified_v7000_software	ibm storwize unified v7000 software	eq	1.4.1.0
ibm:storwize_unified_v7000_software	ibm storwize unified v7000 software	eq	1.4.1.1