Design/Logic Flaw

2014-07-0711:01:00

PRIOn knowledge base

www.prio-n.com

7 High

AI Score

Confidence

Low

0.001 Low

EPSS

Percentile

36.2%

JSON

Active Cloud Engine (ACE) in IBM Storwize V7000 Unified 1.3.0.0 through 1.4.3.x allows remote attackers to bypass intended ACL restrictions in opportunistic circumstances by leveraging incorrect ACL synchronization over an unreliable NFS connection that requires retransmissions.

CPENameOperatorVersion
storwize_unified_v7000_softwareeq1.3.0.0
storwize_unified_v7000_softwareeq1.3.1.0
storwize_unified_v7000_softwareeq1.4.0.0
storwize_unified_v7000_softwareeq1.4.0.1
storwize_unified_v7000_softwareeq1.4.0.2
storwize_unified_v7000_softwareeq1.4.0.3
storwize_unified_v7000_softwareeq1.4.0.4
storwize_unified_v7000_softwareeq1.4.0.5
storwize_unified_v7000_softwareeq1.4.1.0
storwize_unified_v7000_softwareeq1.4.1.1

Name	Operator	Version
storwize_unified_v7000_software	eq	1.3.0.0
storwize_unified_v7000_software	eq	1.3.1.0
storwize_unified_v7000_software	eq	1.4.0.0
storwize_unified_v7000_software	eq	1.4.0.1
storwize_unified_v7000_software	eq	1.4.0.2
storwize_unified_v7000_software	eq	1.4.0.3
storwize_unified_v7000_software	eq	1.4.0.4
storwize_unified_v7000_software	eq	1.4.0.5
storwize_unified_v7000_software	eq	1.4.1.0
storwize_unified_v7000_software	eq	1.4.1.1