Lucene search
HistorySep 12, 2014 - 1:55 a.m.
CVE-2014-4811
ibm
storwize
san volume controller
remote attack
password reset
security vulnerability
nvd
cve-2014-4811
7.5 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
6.9 Medium
AI Score
Confidence
Low
0.006 Low
EPSS
Percentile
79.2%
IBM Storwize 3500, 3700, 5000, and 7000 devices and SAN Volume Controller 6.x and 7.x before 7.2.0.8 allow remote attackers to reset the administrator superuser password to its default value via a direct request to the administrative IP address.
Affected configurations
Node
ibmsan_volume_controller_softwareMatch6.1.0.0
ORibmsan_volume_controller_softwareMatch6.1.0.1
ORibmsan_volume_controller_softwareMatch6.1.0.2
ORibmsan_volume_controller_softwareMatch6.1.0.3
ORibmsan_volume_controller_softwareMatch6.1.0.4
ORibmsan_volume_controller_softwareMatch6.1.0.5
ORibmsan_volume_controller_softwareMatch6.1.0.6
ORibmsan_volume_controller_softwareMatch6.1.0.7
ORibmsan_volume_controller_softwareMatch6.1.0.8
ORibmsan_volume_controller_softwareMatch6.1.0.9
ORibmsan_volume_controller_softwareMatch6.1.0.10
ORibmsan_volume_controller_softwareMatch6.2.0.0
ORibmsan_volume_controller_softwareMatch6.2.0.1
ORibmsan_volume_controller_softwareMatch6.2.0.2
ORibmsan_volume_controller_softwareMatch6.2.0.3
ORibmsan_volume_controller_softwareMatch6.2.0.4
ORibmsan_volume_controller_softwareMatch6.2.0.5
ORibmsan_volume_controller_softwareMatch6.2.0.6
ORibmsan_volume_controller_softwareMatch6.3.0.0
ORibmsan_volume_controller_softwareMatch6.3.0.1
ORibmsan_volume_controller_softwareMatch6.3.0.2
ORibmsan_volume_controller_softwareMatch6.3.0.3
ORibmsan_volume_controller_softwareMatch6.3.0.4
ORibmsan_volume_controller_softwareMatch6.3.0.5
ORibmsan_volume_controller_softwareMatch6.3.0.6
ORibmsan_volume_controller_softwareMatch6.3.0.7
ORibmsan_volume_controller_softwareMatch6.4.0.0
ORibmsan_volume_controller_softwareMatch6.4.0.1
ORibmsan_volume_controller_softwareMatch6.4.0.2
ORibmsan_volume_controller_softwareMatch6.4.0.3
ORibmsan_volume_controller_softwareMatch6.4.0.4
ORibmsan_volume_controller_softwareMatch6.4.1.1
ORibmsan_volume_controller_softwareMatch6.4.1.2
ORibmsan_volume_controller_softwareMatch6.4.1.3
ORibmsan_volume_controller_softwareMatch6.4.1.4
ORibmsan_volume_controller_softwareMatch6.4.1.5
ORibmsan_volume_controller_softwareMatch6.4.1.6
ORibmsan_volume_controller_softwareMatch6.4.1.7
ORibmsan_volume_controller_softwareMatch6.4.1.8
ORibmsan_volume_controller_softwareMatch7.1.0.0
ORibmsan_volume_controller_softwareMatch7.1.0.1
ORibmsan_volume_controller_softwareMatch7.1.0.2
ORibmsan_volume_controller_softwareMatch7.1.0.3
ORibmsan_volume_controller_softwareMatch7.1.0.5
ORibmsan_volume_controller_softwareMatch7.1.0.6
ORibmsan_volume_controller_softwareMatch7.1.0.7
ORibmsan_volume_controller_softwareMatch7.2.0.0
ORibmsan_volume_controller_softwareMatch7.2.0.1
ORibmsan_volume_controller_softwareMatch7.2.0.2
ORibmsan_volume_controller_softwareMatch7.2.0.3
ORibmsan_volume_controller_softwareMatch7.2.0.4
ORibmsan_volume_controller_softwareMatch7.2.0.5
ORibmsan_volume_controller_softwareMatch7.2.0.6
ORibmsan_volume_controller_softwareMatch7.2.0.7
ORibmstorwize_v3500Match-
ORibmstorwize_v3700Match-
ORibmstorwize_v5000Match-
ORibmstorwize_v7000Match-
Related
ibm
ibm
prion
prion
Design/Logic Flaw
2014-09-12 01:55:00
cvelist
cvelist
CVE-2014-4811
2014-09-12 01:00:00
nvd
nvd
CVE-2014-4811
2014-09-12 01:55:07
nessus
nessus
IBM Storwize 1.3.x < 1.4.3.4 / 1.5.x < 1.5.0.2 Multiple Vulnerabilities
2015-06-26 00:00:00
7.5 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
6.9 Medium
AI Score
Confidence
Low
0.006 Low
EPSS
Percentile
79.2%
Related for CVE-2014-4811