Design/Logic Flaw

2014-09-1201:55:00

PRIOn knowledge base

www.prio-n.com

7.3 High

AI Score

Confidence

Low

0.006 Low

EPSS

Percentile

79.2%

JSON

IBM Storwize 3500, 3700, 5000, and 7000 devices and SAN Volume Controller 6.x and 7.x before 7.2.0.8 allow remote attackers to reset the administrator superuser password to its default value via a direct request to the administrative IP address.

CPENameOperatorVersion
san_volume_controller_softwareeq7.1.0.5
san_volume_controller_softwareeq6.1.0.3
san_volume_controller_softwareeq7.2.0.1
san_volume_controller_softwareeq6.3.0.3
san_volume_controller_softwareeq7.2.0.5
san_volume_controller_softwareeq6.1.0.5
san_volume_controller_softwareeq6.3.0.2
san_volume_controller_softwareeq6.1.0.8
san_volume_controller_softwareeq6.1.0.9
san_volume_controller_softwareeq7.1.0.1

Name	Operator	Version
san_volume_controller_software	eq	7.1.0.5
san_volume_controller_software	eq	6.1.0.3
san_volume_controller_software	eq	7.2.0.1
san_volume_controller_software	eq	6.3.0.3
san_volume_controller_software	eq	7.2.0.5
san_volume_controller_software	eq	6.1.0.5
san_volume_controller_software	eq	6.3.0.2
san_volume_controller_software	eq	6.1.0.8
san_volume_controller_software	eq	6.1.0.9
san_volume_controller_software	eq	7.1.0.1