Lucene search

K
cve[email protected]CVE-2014-4811
HistorySep 12, 2014 - 1:55 a.m.

CVE-2014-4811

2014-09-1201:55:07
CWE-255
web.nvd.nist.gov
32
ibm
storwize
san volume controller
remote attack
password reset
security vulnerability
nvd
cve-2014-4811

6.9 Medium

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.006 Low

EPSS

Percentile

79.1%

IBM Storwize 3500, 3700, 5000, and 7000 devices and SAN Volume Controller 6.x and 7.x before 7.2.0.8 allow remote attackers to reset the administrator superuser password to its default value via a direct request to the administrative IP address.

Affected configurations

NVD
Node
ibmsan_volume_controller_softwareMatch6.1.0.0
OR
ibmsan_volume_controller_softwareMatch6.1.0.1
OR
ibmsan_volume_controller_softwareMatch6.1.0.2
OR
ibmsan_volume_controller_softwareMatch6.1.0.3
OR
ibmsan_volume_controller_softwareMatch6.1.0.4
OR
ibmsan_volume_controller_softwareMatch6.1.0.5
OR
ibmsan_volume_controller_softwareMatch6.1.0.6
OR
ibmsan_volume_controller_softwareMatch6.1.0.7
OR
ibmsan_volume_controller_softwareMatch6.1.0.8
OR
ibmsan_volume_controller_softwareMatch6.1.0.9
OR
ibmsan_volume_controller_softwareMatch6.1.0.10
OR
ibmsan_volume_controller_softwareMatch6.2.0.0
OR
ibmsan_volume_controller_softwareMatch6.2.0.1
OR
ibmsan_volume_controller_softwareMatch6.2.0.2
OR
ibmsan_volume_controller_softwareMatch6.2.0.3
OR
ibmsan_volume_controller_softwareMatch6.2.0.4
OR
ibmsan_volume_controller_softwareMatch6.2.0.5
OR
ibmsan_volume_controller_softwareMatch6.2.0.6
OR
ibmsan_volume_controller_softwareMatch6.3.0.0
OR
ibmsan_volume_controller_softwareMatch6.3.0.1
OR
ibmsan_volume_controller_softwareMatch6.3.0.2
OR
ibmsan_volume_controller_softwareMatch6.3.0.3
OR
ibmsan_volume_controller_softwareMatch6.3.0.4
OR
ibmsan_volume_controller_softwareMatch6.3.0.5
OR
ibmsan_volume_controller_softwareMatch6.3.0.6
OR
ibmsan_volume_controller_softwareMatch6.3.0.7
OR
ibmsan_volume_controller_softwareMatch6.4.0.0
OR
ibmsan_volume_controller_softwareMatch6.4.0.1
OR
ibmsan_volume_controller_softwareMatch6.4.0.2
OR
ibmsan_volume_controller_softwareMatch6.4.0.3
OR
ibmsan_volume_controller_softwareMatch6.4.0.4
OR
ibmsan_volume_controller_softwareMatch6.4.1.1
OR
ibmsan_volume_controller_softwareMatch6.4.1.2
OR
ibmsan_volume_controller_softwareMatch6.4.1.3
OR
ibmsan_volume_controller_softwareMatch6.4.1.4
OR
ibmsan_volume_controller_softwareMatch6.4.1.5
OR
ibmsan_volume_controller_softwareMatch6.4.1.6
OR
ibmsan_volume_controller_softwareMatch6.4.1.7
OR
ibmsan_volume_controller_softwareMatch6.4.1.8
OR
ibmsan_volume_controller_softwareMatch7.1.0.0
OR
ibmsan_volume_controller_softwareMatch7.1.0.1
OR
ibmsan_volume_controller_softwareMatch7.1.0.2
OR
ibmsan_volume_controller_softwareMatch7.1.0.3
OR
ibmsan_volume_controller_softwareMatch7.1.0.5
OR
ibmsan_volume_controller_softwareMatch7.1.0.6
OR
ibmsan_volume_controller_softwareMatch7.1.0.7
OR
ibmsan_volume_controller_softwareMatch7.2.0.0
OR
ibmsan_volume_controller_softwareMatch7.2.0.1
OR
ibmsan_volume_controller_softwareMatch7.2.0.2
OR
ibmsan_volume_controller_softwareMatch7.2.0.3
OR
ibmsan_volume_controller_softwareMatch7.2.0.4
OR
ibmsan_volume_controller_softwareMatch7.2.0.5
OR
ibmsan_volume_controller_softwareMatch7.2.0.6
OR
ibmsan_volume_controller_softwareMatch7.2.0.7
OR
ibmstorwize_v3500Match-
OR
ibmstorwize_v3700Match-
OR
ibmstorwize_v5000Match-
OR
ibmstorwize_v7000Match-

6.9 Medium

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.006 Low

EPSS

Percentile

79.1%

Related for CVE-2014-4811