148 matches found
IBM Spectrum Virtualize 信任管理问题漏洞
IBM Spectrum Virtualize is a block storage virtualization system from IBM USA. It improves data value, security, and simplicity for new and existing storage infrastructures.An access control error vulnerability exists in IBM Spectrum Virtualize versions 8.2, 8.3, and 8.4. The vulnerability stems...
Security Bulletin: IBM Spectrum Virtualize Family Storage Replication Adapter (SRA) is affected by a vulnerability in Apache Log4j (CVE-2021-4104)
Summary A vulnerability was identified within the Apache Log4j library that is used by IBM Spectrum Virtualize Family Storage Replication Adapter SRA for IBM Spectrum Virtualize family storage systems. This vulnerability has been addressed. Vulnerability Details CVEID: CVE-2021-4104 DESCRIPTION:...
Security Bulletin: IBM Storage Support for Microsoft Volume Shadow Copy Service (VSS) and Virtual Disk Service (VDS) is affected by a vulnerability in Apache Log4j (CVE-2021-4104)
Summary A vulnerability was identified within the Apache Log4j library that is used by IBM Storage Support for Microsoft Volume Shadow Copy Service VSS and Virtual Disk Service VDS for IBM Spectrum Virtualize family and IBM DS8000 family storage systems. This vulnerability has been addressed...
IBM Spectrum Virtualize Elevation of Privilege Vulnerability
IBM Spectrum Virtualize is a software-only storage product that supports software-defined storage to manage and protect massive amounts of data. An elevation of privilege vulnerability exists in IBM Spectrum Virtualize 8.3.1. A remote user authenticated via LDAP can exploit this vulnerability to...
CVE-2020-4686
IBM Spectrum Virtualize 8.3.1 could allow a remote user authenticated via LDAP to escalate their privileges and perform actions they should not have access to. IBM X-Force ID: 186678...
CVE-2020-4686
IBM Spectrum Virtualize 8.3.1 could allow a remote user authenticated via LDAP to escalate their privileges and perform actions they should not have access to. IBM X-Force ID: 186678...
Code injection
IBM Spectrum Virtualize 8.3.1 could allow a remote user authenticated via LDAP to escalate their privileges and perform actions they should not have access to. IBM X-Force ID: 186678...
CVE-2020-4686
IBM Spectrum Virtualize 8.3.1 could allow a remote user authenticated via LDAP to escalate their privileges and perform actions they should not have access to. IBM X-Force ID: 186678...
CVE-2018-1775
IBM SAN Volume Controller, IBM Storwize, IBM Spectrum Virtualize and IBM FlashSystem products versions 7.5 through 8.2 could allow an authenticated user to download arbitrary files from the operating system. IBM X-Force ID: 148757...
CVE-2018-1775
CVE-2018-1775 affects IBM SAN Volume Controller, IBM Storwize, IBM Spectrum Virtualize and IBM FlashSystem products. The vulnerability allows an authenticated user to download arbitrary files from the operating system via the Service Assistant GUI. Affected software includes versions 7.5 through ...
IBM SVC or IBM Storwize storage LUN can be deleted under specific circumstances
Challenge | Newly created LUNs on IBM storages that utilize the Spectrum Virtualize Software with Veeam B&RIBM SVC or IBM FlashSystem, under very specific circumstances, can be deleted by Veeam B&R. --- Cause | Spectrum Virtualize software has the ability to reuse LUN IDs, which are not set to be...
Information Disclosure Vulnerability in Multiple IBM Products (CNVD-2018-11110)
IBM SAN Volume Controller SVC and others are storage systems from IBM in the U.S. IBM SVC is a virtualized storage system; Storwize is a disk storage system customized for small and medium-sized businesses; Spectrum Virtualize is a spectral storage system; FlashSystem is an all-flash storage...
Cross-site request forgery vulnerability in multiple IBM products (CNVD-2018-13179)
IBM SAN Volume Controller SVC, built with IBM Spectrum Storage software, is a reliable system that helps improve the data value, security and ease of use of new and existing storage infrastructures.The IBM Storwize product family provides all-flash, hybrid storage solutions with common features a...
Cross-site scripting vulnerability in multiple IBM products (CNVD-2018-13181)
IBM SAN Volume Controller SVC, built with IBM Spectrum Storage software, is a reliable system that helps improve the data value, security and ease of use of new and existing storage infrastructures.The IBM Storwize product family provides all-flash, hybrid storage solutions with common features a...
Arbitrary File Read Vulnerability in Multiple IBM Products (CNVD-2018-13174)
IBM SAN Volume Controller SVC, built with IBM Spectrum Storage software, is a reliable system that helps improve the data value, security and ease of use of new and existing storage infrastructures.The IBM Storwize product family provides all-flash, hybrid storage solutions with common features a...
File Access Vulnerability in Multiple IBM Products (CNVD-2018-13180)
IBM SAN Volume Controller SVC, built with IBM Spectrum Storage software, is a reliable system that helps improve the data value, security and ease of use of new and existing storage infrastructures.The IBM Storwize product family provides all-flash, hybrid storage solutions with common features a...
Multiple IBM Products Arbitrary File Read Vulnerability
IBM SAN Volume Controller SVC, built with IBM Spectrum Storage software, is a reliable system that helps improve the data value, security and ease of use of new and existing storage infrastructures.The IBM Storwize product family provides all-flash, hybrid storage solutions with common features a...
Information Disclosure Vulnerability in Multiple IBM Products (CNVD-2018-11111111)
IBM SAN Volume Controller SVC and others are storage systems from IBM in the U.S. IBM SVC is a virtualized storage system; Storwize is a disk storage system customized for small and medium-sized businesses; Spectrum Virtualize is a spectral storage system; FlashSystem is an all-flash storage...
CVE-2018-1463
IBM SAN Volume Controller, IBM Storwize, IBM Spectrum Virtualize and IBM FlashSystem products 6.1, 6.2, 6.3, 6.4, 7.1, 7.2, 7.3, 7.4, 7.5, 7.6, 7.6.1, 7.7, 7.7.1, 7.8, 7.8.1, 8.1, and 8.1.1 could allow an authenticated user to access system files they should not have access to some of which could...
CVE-2018-1433
IBM SAN Volume Controller, IBM Storwize, IBM Spectrum Virtualize and IBM FlashSystem products 6.1, 6.2, 6.3, 6.4, 7.1, 7.2, 7.3, 7.4, 7.5, 7.6, 7.6.1, 7.7, 7.7.1, 7.8, 7.8.1, 8.1, and 8.1.1 web handler /DownloadFile does not require authentication to read arbitrary files from the system. IBM...