Lucene search

K
cve[email protected]CVE-2014-4811
HistorySep 12, 2014 - 1:55 a.m.

CVE-2014-4811

2014-09-1201:55:07
CWE-255
web.nvd.nist.gov
32
ibm
storwize
san volume controller
remote attack
password reset
security vulnerability
nvd
cve-2014-4811

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

6.9 Medium

AI Score

Confidence

Low

0.006 Low

EPSS

Percentile

79.2%

IBM Storwize 3500, 3700, 5000, and 7000 devices and SAN Volume Controller 6.x and 7.x before 7.2.0.8 allow remote attackers to reset the administrator superuser password to its default value via a direct request to the administrative IP address.

Affected configurations

NVD
Node
ibmsan_volume_controller_softwareMatch6.1.0.0
OR
ibmsan_volume_controller_softwareMatch6.1.0.1
OR
ibmsan_volume_controller_softwareMatch6.1.0.2
OR
ibmsan_volume_controller_softwareMatch6.1.0.3
OR
ibmsan_volume_controller_softwareMatch6.1.0.4
OR
ibmsan_volume_controller_softwareMatch6.1.0.5
OR
ibmsan_volume_controller_softwareMatch6.1.0.6
OR
ibmsan_volume_controller_softwareMatch6.1.0.7
OR
ibmsan_volume_controller_softwareMatch6.1.0.8
OR
ibmsan_volume_controller_softwareMatch6.1.0.9
OR
ibmsan_volume_controller_softwareMatch6.1.0.10
OR
ibmsan_volume_controller_softwareMatch6.2.0.0
OR
ibmsan_volume_controller_softwareMatch6.2.0.1
OR
ibmsan_volume_controller_softwareMatch6.2.0.2
OR
ibmsan_volume_controller_softwareMatch6.2.0.3
OR
ibmsan_volume_controller_softwareMatch6.2.0.4
OR
ibmsan_volume_controller_softwareMatch6.2.0.5
OR
ibmsan_volume_controller_softwareMatch6.2.0.6
OR
ibmsan_volume_controller_softwareMatch6.3.0.0
OR
ibmsan_volume_controller_softwareMatch6.3.0.1
OR
ibmsan_volume_controller_softwareMatch6.3.0.2
OR
ibmsan_volume_controller_softwareMatch6.3.0.3
OR
ibmsan_volume_controller_softwareMatch6.3.0.4
OR
ibmsan_volume_controller_softwareMatch6.3.0.5
OR
ibmsan_volume_controller_softwareMatch6.3.0.6
OR
ibmsan_volume_controller_softwareMatch6.3.0.7
OR
ibmsan_volume_controller_softwareMatch6.4.0.0
OR
ibmsan_volume_controller_softwareMatch6.4.0.1
OR
ibmsan_volume_controller_softwareMatch6.4.0.2
OR
ibmsan_volume_controller_softwareMatch6.4.0.3
OR
ibmsan_volume_controller_softwareMatch6.4.0.4
OR
ibmsan_volume_controller_softwareMatch6.4.1.1
OR
ibmsan_volume_controller_softwareMatch6.4.1.2
OR
ibmsan_volume_controller_softwareMatch6.4.1.3
OR
ibmsan_volume_controller_softwareMatch6.4.1.4
OR
ibmsan_volume_controller_softwareMatch6.4.1.5
OR
ibmsan_volume_controller_softwareMatch6.4.1.6
OR
ibmsan_volume_controller_softwareMatch6.4.1.7
OR
ibmsan_volume_controller_softwareMatch6.4.1.8
OR
ibmsan_volume_controller_softwareMatch7.1.0.0
OR
ibmsan_volume_controller_softwareMatch7.1.0.1
OR
ibmsan_volume_controller_softwareMatch7.1.0.2
OR
ibmsan_volume_controller_softwareMatch7.1.0.3
OR
ibmsan_volume_controller_softwareMatch7.1.0.5
OR
ibmsan_volume_controller_softwareMatch7.1.0.6
OR
ibmsan_volume_controller_softwareMatch7.1.0.7
OR
ibmsan_volume_controller_softwareMatch7.2.0.0
OR
ibmsan_volume_controller_softwareMatch7.2.0.1
OR
ibmsan_volume_controller_softwareMatch7.2.0.2
OR
ibmsan_volume_controller_softwareMatch7.2.0.3
OR
ibmsan_volume_controller_softwareMatch7.2.0.4
OR
ibmsan_volume_controller_softwareMatch7.2.0.5
OR
ibmsan_volume_controller_softwareMatch7.2.0.6
OR
ibmsan_volume_controller_softwareMatch7.2.0.7
OR
ibmstorwize_v3500Match-
OR
ibmstorwize_v3700Match-
OR
ibmstorwize_v5000Match-
OR
ibmstorwize_v7000Match-

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

6.9 Medium

AI Score

Confidence

Low

0.006 Low

EPSS

Percentile

79.2%

Related for CVE-2014-4811