CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

329 matches found

IBM Security Bulletins•added 2023/06/10 8:23 a.m.•45 views

Security Bulletin: IBMid credentials may be exposed when directly downloading code onto IBM SAN Volume Controller, IBM Storwize, IBM FlashSystem and IBM Spectrum Virtualize products [CVE-2023-27870]

Summary If using the "satask downloadsoftware" command or the "Obtain the package directly" option in the GUI to update the system on IBM SAN Volume Controller, IBM Storwize and IBM FlashSystem products which run IBM Spectrum Virtualize software, the IBMid credentials used to authenticate to Fix...

7.5CVSS6.8AI score0.00314EPSS

Exploits0Affected Software13

IBM Security Bulletins•added 2023/03/29 1:48 a.m.•26 views

Security Bulletin: Vulnerability in sed affects IBM SAN Volume Controller, IBM Storwize, IBM Spectrum Virtualize and IBM FlashSystem V9000 products

Summary A vulnerability in the sed command could allow an authenticated attacker to escape from a restricted shell to obtain sensitive information and cause a denial of service. Vulnerability Details CVEID:CVE-2021-29873 DESCRIPTION: IBM Flash System 900 could allow an authenticated attacker to...

8.8CVSS8.2AI score0.00414EPSS

Exploits0Affected Software2

IBM Security Bulletins•added 2023/03/29 1:48 a.m.•39 views

Security Bulletin: SNMPv3 server credentials are exposed in log files in IBM SAN Volume Controller, IBM Storwize, IBM Spectrum Virtualize and IBM FlashSystem products

Summary SNMPv3 server credentials can be read in plaintext from system logs and audit logs accessible to any authenticated user in IBM SAN Volume Controller, IBM Storwize, IBM Spectrum Virtualize and IBM FlashSystem products. Vulnerability Details CVEID:CVE-2022-43870 DESCRIPTION: IBM Spectrum...

6.5CVSS6.5AI score0.00328EPSS

Exploits0Affected Software13

IBM Security Bulletins•added 2023/03/29 1:48 a.m.•35 views

Security Bulletin: IBM FlashSystem 9100 family and IBM Storwize V7000 2076-724 (Gen3) systems are NOT affected by security vulnerabilities CVE-2018-12037 and CVE-2018-12038

Summary IBM FlashSystem 9100 systems and Storwize V7000 2076-724 Gen3 systems are NOT affected by the security vulnerabilities where, by the absence of a cryptographic link between the password and the Disk Encryption Key, allows attackers with privileged access to SSD firmware to gain full acces...

4.2CVSS2.8AI score0.05849EPSS

Exploits0Affected Software2

IBM Security Bulletins•added 2023/03/29 1:48 a.m.•34 views

Security Bulletin: Vulnerability in Service Assistant GUI affects SAN Volume Controller, Storwize family and FlashSystem V9000 products (CVE-2017-1710)

Summary A vulnerability in the Service Assistant GUI affects IBM SAN Volume Controller, Storwize Family and FlashSystem V9000 products. The Service Assistant CLI interface is unaffected. Vulnerability Details CVEID: CVE-2017-1710 DESCRIPTION: A vulnerability in the Service Assistant GUI could all...

9.8CVSS9.6AI score0.04177EPSS

Exploits0Affected Software4

IBM Security Bulletins•added 2023/03/29 1:48 a.m.•83 views

Security Bulletin: Java vulnerabilities affect IBM SAN Volume Controller, IBM Storwize, IBM Spectrum Virtualize and IBM FlashSystem products

Summary Vulnerabilities in Java SE affects IBM SAN Volume Controller, IBM Storwize V7000, V5000, V5100, V3700 and V3500, IBM Spectrum Virtualize Software, IBM Spectrum Virtualize for Public Cloud and IBM FlashSystem V9000 and 9100 family products. The applicable vulnerabilities are CVE-2019-2989...

6.8CVSS6.4AI score0.02946EPSS

Exploits0Affected Software1

IBM Security Bulletins•added 2023/03/29 1:48 a.m.•69 views

Security Bulletin: Multiple vulnerabilities in Linux Kernel affect IBM SAN Volume Controller, IBM Storwize, IBM Spectrum Virtualize and IBM FlashSystem products

Summary Vulnerabilities in the Linux Kernel affect IBM SAN Volume Controller, IBM Storwize V7000, V5000, V3700 and V3500, IBM Spectrum Virtualize Software, IBM Spectrum Virtualize for Public Cloud and IBM FlashSystem V9000 products. The applicable CVEs are CVE-2016-7117 CVE-2016-6828 CVE-2016-102...

10CVSS9.1AI score0.13687EPSS

Exploits24Affected Software7

IBM Security Bulletins•added 2023/03/29 1:48 a.m.•40 views

Security Bulletin: Network Security (NSS) vulnerability affects IBM SAN Volume Controller, IBM Storwize, IBM Spectrum Virtualize and IBM FlashSystem products

Summary A vulnerability in Network Security NSS affects IBM SAN Volume Controller, IBM Storwize V7000, V5000, V5100, V3700 and V3500, IBM Spectrum Virtualize Software, IBM Spectrum Virtualize for Public Cloud and IBM FlashSystem V9000 and 9100 family products. The applicable vulnerability is...

5.9CVSS6AI score0.12783EPSS

Exploits0Affected Software1

IBM Security Bulletins•added 2023/03/29 1:48 a.m.•42 views

Security Bulletin: Vulnerability in Bash affects IBM SAN Volume Controller, IBM Storwize, IBM Spectrum Virtualize and IBM FlashSystem products (CVE-2016-0634)

Summary A vulnerability in Bash affects IBM SAN Volume Controller, IBM Storwize V7000, V5000, V3700 and V3500, IBM Spectrum Virtualize Software, IBM Spectrum Virtualize for Public Cloud and IBM FlashSystem V9000 products. OpenSSH is used in the Command Line Interface. Vulnerability Details CVEID:...

7.5CVSS7.1AI score0.03691EPSS

Exploits0Affected Software7

IBM Security Bulletins•added 2023/03/29 1:48 a.m.•80 views

Security Bulletin: Multiple vulnerabilities in OpenSSH affect IBM SAN Volume Controller, IBM Storwize, IBM Spectrum Virtualize and IBM FlashSystem products

Summary Vulnerabilities in OpenSSH affect IBM SAN Volume Controller, IBM Storwize V7000, V5000, V3700 and V3500, IBM Spectrum Virtualize Software, IBM Spectrum Virtualize for Public Cloud and IBM FlashSystem V9000 products. OpenSSH is used in the Command Line Interface. The applicable CVEs are...

7.8CVSS7.1AI score0.90046EPSS

Exploits17Affected Software7

IBM Security Bulletins•added 2023/03/29 1:48 a.m.•51 views

Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect IBM SAN Volume Controller, IBM Storwize, IBM Spectrum Virtualize and IBM FlashSystem products

Summary Vulnerabilities in the IBM® Runtime Environment Java™ Technology Edition affect IBM SAN Volume Controller, IBM Storwize V7000, V5000, V3700 and V3500, IBM Spectrum Virtualize Software, IBM Spectrum Virtualize for Public Cloud and IBM FlashSystem V9000 and 9100 family products. The...

7.8CVSS7.4AI score0.00588EPSS

Exploits0Affected Software9

IBM Security Bulletins•added 2023/03/29 1:48 a.m.•83 views

Security Bulletin: Vulnerability in Apache Tomcat affects IBM SAN Volume Controller, IBM Storwize, IBM Spectrum Virtualize and IBM FlashSystem V9000 products

Summary A vulnerability in Apache Tomcat affects the product's management GUI, potentially allowing an attacker to poison the web cache, bypass web application firewall protection, and conduct XSS attacks. The Command Line Interface is unaffected. Vulnerability Details CVEID:CVE-2021-33037...

5.3CVSS6.3AI score0.01865EPSS

Exploits1Affected Software2

IBM Security Bulletins•added 2023/03/29 1:48 a.m.•52 views

Security Bulletin: Multiple vulnerabilities in Apache Struts affect SAN Volume Controller, Storwize family and FlashSystem V9000 products

Summary Open Source Apache Struts vulnerabilities were disclosed in Jun 2016. Struts is used by SAN Volume Controller, Storwize family and FlashSystem V9000 products in their Service Assistant GUI. The CVEs are CVE-2016-4430 CVE-2016-4431 CVE-2016-4433 CVE-2016-4436. Vulnerability Details CVEID:...

9.8CVSS8.8AI score0.08174EPSS

Exploits0Affected Software6

IBM Security Bulletins•added 2023/03/29 1:48 a.m.•627 views

Security Bulletin: Vulnerability in Apache Tomcat affects IBM SAN Volume Controller, IBM Storwize, IBM Spectrum Virtualize and IBM FlashSystem products

Summary A vulnerability in Apache Tomcat affects the product's management GUI, potentially allowing an attacker to cause a denial of service. The Command Line Interface is unaffected. Vulnerability Details CVEID:CVE-2021-42340 DESCRIPTION: Apache Tomcat is vulnerable to a denial of service, cause...

7.5CVSS7.1AI score0.04282EPSS

Exploits0Affected Software8

IBM Security Bulletins•added 2023/03/29 1:48 a.m.•113 views

Security Bulletin: Vulnerabilities in the Linux kernel affect IBM SAN Volume Controller, IBM Storwize, IBM Spectrum Virtualize and IBM FlashSystem V9000 products

Summary Multiple vulnerabilities in the Linux kernel could allow an authenticated attacker to obtain sensitive information. Vulnerability Details CVEID:CVE-2020-10732 DESCRIPTION: Linux Kernel could allow a local authenticated attacker to obtain sensitive information, caused by a flaw in the...

5.5CVSS6.2AI score0.00039EPSS

Exploits0Affected Software2

IBM Security Bulletins•added 2023/03/29 1:48 a.m.•86 views

Security Bulletin: Multiple vulnerabilities in the Linux kernel affect IBM SAN Volume Controller, IBM Storwize, IBM Spectrum Virtualize and IBM FlashSystem products

Summary Vulnerabilities in the Linux Kernel affect IBM SAN Volume Controller, IBM Storwize V7000, V5000, V5100, V3700 and V3500, IBM Spectrum Virtualize Software, IBM Spectrum Virtualize for Public Cloud and IBM FlashSystem V9000 and 9100 family products. The applicable vulnerabilities are...

7.8CVSS7.2AI score0.69918EPSS

Exploits4Affected Software8

IBM Security Bulletins•added 2023/03/29 1:48 a.m.•51 views

Security Bulletin: OpenSLP vulnerability affects IBM SAN Volume Controller, IBM Storwize, IBM Spectrum Virtualize and IBM FlashSystem products

Summary A vulnerability in OpenSLP affects IBM SAN Volume Controller, IBM Storwize V7000, V5000, V5100, V3700 and V3500, IBM Spectrum Virtualize Software, IBM Spectrum Virtualize for Public Cloud and IBM FlashSystem V9000 and 9100 family products. The applicable vulnerability is CVE-2019-5544...

9.8CVSS10AI score0.92481EPSS

Exploits1Affected Software1

IBM Security Bulletins•added 2023/03/29 1:48 a.m.•50 views

Security Bulletin: Multiple vulnerabilities in Network Security Services (NSS) component affect SAN Volume Controller, Storwize family and FlashSystem V9000 products.

Summary Vulnerabilities in Network Security Services NSS component affect IBM SAN Volume Controller, Storwize Family and FlashSystem V9000 products. Though the CVE descriptions below document the vulnerabilities in the context of the Mozilla product, the IBM SAN Volume Controller, Storwize Family...

9.3CVSS9.1AI score0.01626EPSS

Exploits0Affected Software6

IBM Security Bulletins•added 2023/03/29 1:48 a.m.•67 views

Security Bulletin: A vulnerability in the GUI affects IBM SAN Volume Controller, IBM Storwize, IBM Spectrum Virtualize and IBM FlashSystem products

Summary A vulnerability in the GUI may allow an authenticated attacker to escalate their privilege on IBM SAN Volume Controller, IBM Storwize, IBM Spectrum Virtualize and IBM FlashSystem products. Vulnerability Details CVEID:CVE-2022-43873 DESCRIPTION: An authenticated user can exploit a...

8.8CVSS7.7AI score0.00508EPSS

Exploits0Affected Software13

IBM Security Bulletins•added 2023/03/29 1:48 a.m.•79 views

Security Bulletin: Multiple vulnerabilities in Apache Tomcat affect SAN Volume Controller, Storwize family and FlashSystem V9000 products

Summary Vulnerabilities in the Apache Tomcat component affect the product's management GUI. The CLI interface is unaffected. The applicable CVEs are CVE-2016-5385 CVE-2016-5386 CVE-2016-5387 CVE-2016-5388. Vulnerability Details CVEID: CVE-2016-5385 DESCRIPTION: PHP could allow a remote attacker t...

8.1CVSS7.3AI score0.83504EPSS

Exploits0Affected Software6

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by