CVE-2018-1433
VULNERABILITY DETAIL (CVE-2018-1433): IBM SAN Volume Controller, IBM Storwize, IBM Spectrum Virtualize and IBM FlashSystem family (versions 6.1–8.1.x) expose a web handler /DownloadFile that does not require authentication, enabling reading arbitrary files from the system. This is confirmed acros...