Lucene search
K

148 matches found

CNNVD
CNNVD
added 2022/05/11 12:0 a.m.4 views

IBM Spectrum Virtualize 信任管理问题漏洞

IBM Spectrum Virtualize is a block storage virtualization system from IBM USA. It improves data value, security, and simplicity for new and existing storage infrastructures.An access control error vulnerability exists in IBM Spectrum Virtualize versions 8.2, 8.3, and 8.4. The vulnerability stems...

9.8CVSS6.8AI score0.00664EPSS
Exploits0References3
IBM Security Bulletins
IBM Security Bulletins
added 2021/12/24 3:3 p.m.36 views

Security Bulletin: IBM Spectrum Virtualize Family Storage Replication Adapter (SRA) is affected by a vulnerability in Apache Log4j (CVE-2021-4104)

Summary A vulnerability was identified within the Apache Log4j library that is used by IBM Spectrum Virtualize Family Storage Replication Adapter SRA for IBM Spectrum Virtualize family storage systems. This vulnerability has been addressed. Vulnerability Details CVEID: CVE-2021-4104 DESCRIPTION:...

7.5CVSS1.3AI score0.81147EPSS
Exploits9Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2021/12/24 3:1 p.m.25 views

Security Bulletin: IBM Storage Support for Microsoft Volume Shadow Copy Service (VSS) and Virtual Disk Service (VDS) is affected by a vulnerability in Apache Log4j (CVE-2021-4104)

Summary A vulnerability was identified within the Apache Log4j library that is used by IBM Storage Support for Microsoft Volume Shadow Copy Service VSS and Virtual Disk Service VDS for IBM Spectrum Virtualize family and IBM DS8000 family storage systems. This vulnerability has been addressed...

7.5CVSS1AI score0.81147EPSS
Exploits9Affected Software1
CNVD
CNVD
added 2020/08/18 12:0 a.m.3 views

IBM Spectrum Virtualize Elevation of Privilege Vulnerability

IBM Spectrum Virtualize is a software-only storage product that supports software-defined storage to manage and protect massive amounts of data. An elevation of privilege vulnerability exists in IBM Spectrum Virtualize 8.3.1. A remote user authenticated via LDAP can exploit this vulnerability to...

8.1CVSS7.1AI score0.01578EPSS
Exploits0References1
OSV
OSV
added 2020/08/17 1:15 p.m.3 views

CVE-2020-4686

IBM Spectrum Virtualize 8.3.1 could allow a remote user authenticated via LDAP to escalate their privileges and perform actions they should not have access to. IBM X-Force ID: 186678...

8.1CVSS5.8AI score0.01578EPSS
Exploits0References2
NVD
NVD
added 2020/08/17 1:15 p.m.17 views

CVE-2020-4686

IBM Spectrum Virtualize 8.3.1 could allow a remote user authenticated via LDAP to escalate their privileges and perform actions they should not have access to. IBM X-Force ID: 186678...

8.1CVSS7.2AI score0.01578EPSS
Exploits0References2
Prion
Prion
added 2020/08/17 1:15 p.m.19 views

Code injection

IBM Spectrum Virtualize 8.3.1 could allow a remote user authenticated via LDAP to escalate their privileges and perform actions they should not have access to. IBM X-Force ID: 186678...

5.5CVSS7.8AI score0.01578EPSS
Exploits0References2Affected Software11
Cvelist
Cvelist
added 2020/08/17 12:35 p.m.18 views

CVE-2020-4686

IBM Spectrum Virtualize 8.3.1 could allow a remote user authenticated via LDAP to escalate their privileges and perform actions they should not have access to. IBM X-Force ID: 186678...

6.8CVSS8AI score0.01578EPSS
Exploits0References2
OSV
OSV
added 2019/02/27 10:29 p.m.2 views

CVE-2018-1775

IBM SAN Volume Controller, IBM Storwize, IBM Spectrum Virtualize and IBM FlashSystem products versions 7.5 through 8.2 could allow an authenticated user to download arbitrary files from the operating system. IBM X-Force ID: 148757...

6.5CVSS5.9AI score
Exploits0References3
CVE
CVE
added 2019/02/27 10:0 p.m.51 views

CVE-2018-1775

CVE-2018-1775 affects IBM SAN Volume Controller, IBM Storwize, IBM Spectrum Virtualize and IBM FlashSystem products. The vulnerability allows an authenticated user to download arbitrary files from the operating system via the Service Assistant GUI. Affected software includes versions 7.5 through ...

6.5CVSS6.2AI score0.01924EPSS
Exploits0References3Affected Software1
Veeam
Veeam
added 2018/12/19 10:13 a.m.10 views

IBM SVC or IBM Storwize storage LUN can be deleted under specific circumstances

Challenge | Newly created LUNs on IBM storages that utilize the Spectrum Virtualize Software with Veeam B&RIBM SVC or IBM FlashSystem, under very specific circumstances, can be deleted by Veeam B&R. --- Cause | Spectrum Virtualize software has the ability to reuse LUN IDs, which are not set to be...

6.9AI score
Exploits0
CNVD
CNVD
added 2018/05/18 12:0 a.m.2 views

Information Disclosure Vulnerability in Multiple IBM Products (CNVD-2018-11110)

IBM SAN Volume Controller SVC and others are storage systems from IBM in the U.S. IBM SVC is a virtualized storage system; Storwize is a disk storage system customized for small and medium-sized businesses; Spectrum Virtualize is a spectral storage system; FlashSystem is an all-flash storage...

6.5CVSS6.7AI score0.01441EPSS
Exploits2References1
CNVD
CNVD
added 2018/05/18 12:0 a.m.2 views

Cross-site request forgery vulnerability in multiple IBM products (CNVD-2018-13179)

IBM SAN Volume Controller SVC, built with IBM Spectrum Storage software, is a reliable system that helps improve the data value, security and ease of use of new and existing storage infrastructures.The IBM Storwize product family provides all-flash, hybrid storage solutions with common features a...

8.8CVSS8.1AI score0.00941EPSS
Exploits2References1
CNVD
CNVD
added 2018/05/18 12:0 a.m.3 views

Cross-site scripting vulnerability in multiple IBM products (CNVD-2018-13181)

IBM SAN Volume Controller SVC, built with IBM Spectrum Storage software, is a reliable system that helps improve the data value, security and ease of use of new and existing storage infrastructures.The IBM Storwize product family provides all-flash, hybrid storage solutions with common features a...

5.4CVSS6.1AI score0.00983EPSS
Exploits2References1
CNVD
CNVD
added 2018/05/18 12:0 a.m.4 views

Arbitrary File Read Vulnerability in Multiple IBM Products (CNVD-2018-13174)

IBM SAN Volume Controller SVC, built with IBM Spectrum Storage software, is a reliable system that helps improve the data value, security and ease of use of new and existing storage infrastructures.The IBM Storwize product family provides all-flash, hybrid storage solutions with common features a...

7.5CVSS7.7AI score0.02658EPSS
Exploits3References1
CNVD
CNVD
added 2018/05/18 12:0 a.m.3 views

File Access Vulnerability in Multiple IBM Products (CNVD-2018-13180)

IBM SAN Volume Controller SVC, built with IBM Spectrum Storage software, is a reliable system that helps improve the data value, security and ease of use of new and existing storage infrastructures.The IBM Storwize product family provides all-flash, hybrid storage solutions with common features a...

7.6CVSS7.4AI score0.01244EPSS
Exploits2References1
CNVD
CNVD
added 2018/05/18 12:0 a.m.1 views

Multiple IBM Products Arbitrary File Read Vulnerability

IBM SAN Volume Controller SVC, built with IBM Spectrum Storage software, is a reliable system that helps improve the data value, security and ease of use of new and existing storage infrastructures.The IBM Storwize product family provides all-flash, hybrid storage solutions with common features a...

7.5CVSS7.5AI score0.0232EPSS
Exploits2References1
CNVD
CNVD
added 2018/05/18 12:0 a.m.1 views

Information Disclosure Vulnerability in Multiple IBM Products (CNVD-2018-11111111)

IBM SAN Volume Controller SVC and others are storage systems from IBM in the U.S. IBM SVC is a virtualized storage system; Storwize is a disk storage system customized for small and medium-sized businesses; Spectrum Virtualize is a spectral storage system; FlashSystem is an all-flash storage...

6.5CVSS6.8AI score0.01673EPSS
Exploits2References1
OSV
OSV
added 2018/05/17 9:29 p.m.3 views

CVE-2018-1463

IBM SAN Volume Controller, IBM Storwize, IBM Spectrum Virtualize and IBM FlashSystem products 6.1, 6.2, 6.3, 6.4, 7.1, 7.2, 7.3, 7.4, 7.5, 7.6, 7.6.1, 7.7, 7.7.1, 7.8, 7.8.1, 8.1, and 8.1.1 could allow an authenticated user to access system files they should not have access to some of which could...

6.5CVSS5.8AI score
Exploits0References5
NVD
NVD
added 2018/05/17 9:29 p.m.20 views

CVE-2018-1433

IBM SAN Volume Controller, IBM Storwize, IBM Spectrum Virtualize and IBM FlashSystem products 6.1, 6.2, 6.3, 6.4, 7.1, 7.2, 7.3, 7.4, 7.5, 7.6, 7.6.1, 7.7, 7.7.1, 7.8, 7.8.1, 8.1, and 8.1.1 web handler /DownloadFile does not require authentication to read arbitrary files from the system. IBM...

7.5CVSS7.9AI score0.02658EPSS
Exploits3References5
Rows per page
Query Builder