IBM409DAC8A8ACB437F118A04D76E9C6EC229AF13CBFCC8F561B08B9EC721763A72Security Bulletin: Vulnerability in SnapDrive for Windows may Result in Disclosure of Sensitive Information (CVE-2015-8544)
0.003 Low
EPSS
Percentile
68.2%
Summary
A vulnerability in SnapDrive for Windows which may result in disclosure of sensitive information has been addressed by IBM.
Vulnerability Details
CVEID: CVE-2015-8544**
DESCRIPTION:** SnapDrive for Windows could allow a remote attacker to obtain sensitive information, caused by the disclosure of information in cleartext. An attacker could exploit this vulnerability to view restricted data.
CVSS Base Score: 7.5
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/110089 for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N)
Affected Products and Versions
SnapDrive for Windows: 7.0.3, 7.1.1, 7.1.2, 7.1.3
Remediation/Fixes
For SnapDrive for Windows: the fix exists from microcode version 7.1.3P1
Please contact IBM support or go to this link to download a supported release. And upgrade your software version by referencing the release notes.
Workarounds and Mitigations
none
Related
0.003 Low
EPSS
Percentile
68.2%