IBM Storwize V7000 Unified system is shipped with Mozilla firefox, for which a fix is available for a security vulnerability.
CVEID:
CVE-2013-5607
DESCRIPTION:
IBM Storwize V7000 Unified system is shipped with Mozilla firefox. A fix is available for the security vulnerability found with Mozilla firefox. This vulnerability is not exploitable during usual operations of IBM Storwize V7000 Unified system. Nevertheless, since using firefox to access the Internet would implicate this vulnerability, we recommend applying the fix available.
CVE-2013-5607
CVSS Base Score: 7.5
CVSS Temporal Score: See http://xforce.iss.net/xforce/xfdb/89066 for the current score
IBM Storwize V7000 Unified system
The product is affected when running code releases 1.3.2.0 to 1.4.2.1.
A fix for this issue is in version 1.4.3.0 of IBM Storwize V7000 Unified system. Customers running an earlier version of V7000 Unified (e.g. 1.3.2.0, 1.4.1.1, 1.4.2.1) should upgrade to 1.4.3.0 or a later version, so that the fix gets applied.
_Work-around(s): _ Use of Mozilla firefox for accessing web sites from V7000 Unified system should be avoided. Mitigation(s): This vulnerability is not exploitable during usual operations of V7000 Unified system. Service personnel should not use Mozilla firefox from V7000 Unified nodes to access the Internet.
CPE | Name | Operator | Version |
---|---|---|---|
ibm storwize v7000 unified (2073) | eq | 1.3 | |
ibm storwize v7000 unified (2073) | eq | 1.4 |