Lucene search
HistorySep 15, 2014 - 2:55 p.m.
CVE-2014-3077
ibm
sonas
system storage
storwize
v7000 unified
v7000u
security
vulnerability
audit log
sensitive information
local users
5.8 Medium
AI Score
Confidence
Low
2.1 Low
CVSS2
Access Vector
LOCAL
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:L/AC:L/Au:N/C:P/I:N/A:N
0.0004 Low
EPSS
Percentile
5.2%
IBM SONAS and System Storage Storwize V7000 Unified (aka V7000U) 1.3.x and 1.4.x before 1.4.3.4 store the chkauth password in the audit log, which allows local users to obtain sensitive information by reading this log file.
Related
prion
prion
Default credentials
2014-09-15 14:55:00
ibm
ibm
cvelist
cvelist
CVE-2014-3077
2014-09-15 14:00:00
nessus
nessus
IBM Storwize 1.3.x < 1.4.3.4 / 1.5.x < 1.5.0.2 Multiple Vulnerabilities
2015-06-26 00:00:00
5.8 Medium
AI Score
Confidence
Low
2.1 Low
CVSS2
Access Vector
LOCAL
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:L/AC:L/Au:N/C:P/I:N/A:N
0.0004 Low
EPSS
Percentile
5.2%
Related for CVE-2014-3077