A vulnerability in SnapDrive for Windows which may result in disclosure of sensitive information has been addressed by IBM.
CVEID: CVE-2015-8544**
DESCRIPTION:** SnapDrive for Windows could allow a remote attacker to obtain sensitive information, caused by the disclosure of information in cleartext. An attacker could exploit this vulnerability to view restricted data.
CVSS Base Score: 7.5
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/110089 for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N)
SnapDrive for Windows: 7.0.3, 7.1.1, 7.1.2, 7.1.3
For SnapDrive for Windows: the fix exists from microcode version 7.1.3P1
Please contact IBM support or go to this link to download a supported release. And upgrade your software version by referencing the release notes.
none