25 matches found
EUVD-2012-4754
Malware in sbrugna...
EUVD-2012-2160
Malware in sbrugna...
EUVD-2012-2161
Malware in sbrugna...
Security Bulletin: IBM XIV Storage System (MTM 2810-A14, 2812-A14, MTM 2810-114, 2812-114) Fixed Passwords for Maintenance Accounts (CVE-2012-2166)
Abstract IBM XIV Storage Systems have maintenance accounts with fixed passwords. A fix is available to manage access to these accounts. Content VULNERABILITY DETAILS: DESCRIPTION: The XIV Storage Systems have preconfigured user accounts that are used for maintenance purposes. These accounts have...
Security Bulletin: IBM Extended Command-Line Interface (XCLI) Utility is affected by a vulnerability in Apache Log4j (CVE-2021-4104)
Summary A vulnerability was identified within the Apache Log4j library that is used by IBM Extended Command-Line Interface XCLI Utility for IBM FlashSystem A9000/A9000R, IBM XIV Storage System models 114/214/314, and IBM Spectrum Accelerate. This vulnerability has been addressed. Vulnerability...
Security Bulletin: Vulnerabilities in OpenSSH affect IBM XIV Gen2 (CVE-2016-0777, CVE-2016-0778)
Summary An information leak flaw and buffer overflow flaw in the way the OpenSSH client roaming feature was implemented affects IBM XIV Gen2. Vulnerability Details CVEID: CVE-2016-0777 DESCRIPTION: OpenSSH could allow a remote attacker to obtain sensitive information, caused by a client informati...
Security Bulletin: Vulnerabilities in OpenSSH affect IBM XIV Gen3 (CVE-2016-0777, CVE-2016-0778)
Summary An information leak flaw and buffer overflow flaw in the way the OpenSSH client roaming feature was implemented affects IBM XIV Gen3. Vulnerability Details CVEID: CVE-2016-0777 DESCRIPTION: OpenSSH could allow a remote attacker to obtain sensitive information, caused by a client informati...
Security Bulletin: Vulnerability in MD5 Signature and Hash Algorithm affects IBM XIV Gen3 systems and IBM XIV Management Tools (CVE-2015-7575)
Summary The MD5 “SLOTH” vulnerability on TLS 1.2 affects IBM XIV Gen3 systems and IBM XIV Management Tools. Vulnerability Details CVEID: CVE-2015-7575 DESCRIPTION: The TLS protocol could allow weaker than expected security caused by a collision attack when using the MD5 hash function for signing ...
Security Bulletin: Vulnerability in Diffie-Hellman ciphers affects IBM XIV Management Tools (CVE-2015-4000)
Summary The Logjam Attack on TLS connections using the Diffie-Hellman DH key exchange protocol affects XIV Management Tools. Vulnerability Details CVEID: CVE-2015-4000 DESCRIPTION: The TLS protocol could allow a remote attacker to obtain sensitive information, caused by the failure to properly...
Security Bulletin: Vulnerability in OpenSSL affects IBM XIV Storage System Gen3 (CVE-2014-3570)
Summary OpenSSL vulnerabilities were disclosed on January 8, 2015 by the OpenSSL Project. OpenSSL is used by IBM XIV Storage System. IBM XIV Storage System has addressed the applicable CVE. We are unaware of any customer being affected by this issue. Vulnerability Details CVEID: CVE-2014-3570...
Security Bulletin: Vulnerability in RC4 stream cipher affects IBM XIV Storage System Gen2 (CVE-2015-2808)
Summary The RC4 “Bar Mitzvah” Attack for SSL/TLS affects IBM XIV Storage System Gen2. Vulnerability Details CVEID: CVE-2015-2808 DESCRIPTION: The RC4 algorithm, as used in the TLS protocol and SSL protocol, could allow a remote attacker to obtain sensitive information. An attacker could exploit...
Security Bulletin: Vulnerability in RC4 stream cipher affects IBM XIV Management Tools (CVE-2015-2808)
Summary The RC4 “Bar Mitzvah” Attack for SSL/TLS affects IBM XIV Management Tools. Vulnerability Details CVEID: CVE-2015-2808 DESCRIPTION: The RC4 algorithm, as used in the TLS protocol and SSL protocol, could allow a remote attacker to obtain sensitive information. An attacker could exploit this...
Security Bulletin: Vulnerability in OpenSSL affects IBM XIV Storage System Gen3 and Gen2 (CVE-2015-0204)
Summary OpenSSL vulnerabilities were disclosed on January 8, 2015 by the OpenSSL Project. This includes “FREAK: Factoring Attack on RSA-EXPORT keys" TLS/SSL client and server vulnerability. OpenSSL is used by IBM XIV Storage System has addressed the applicable CVEs. Vulnerability Details CVEID:...
Security Bulletin: GNU C library (glibc) vulnerability affects IBM XIV Storage System Gen2 (CVE-2015-0235)
Summary GNU C library glibc vulnerability that has been referred to as GHOST affects IBM XIV Storage System Gen2. Vulnerability Details CVEID: CVE-2015-0235 DESCRIPTION:The gethostbyname functions of the GNU C Library glibc are vulnerable to a buffer overflow. By sending a specially crafted, but...
Security Bulletin: GNU C library (glibc) vulnerability affects IBM XIV Storage System Gen3 (CVE-2015-0235)
Summary GNU C library glibc vulnerability that has been referred to as GHOST affects IBM XIV Storage System Gen3. Vulnerability Details CVEID: CVE-2015-0235 The gethostbyname functions of the GNU C Library glibc are vulnerable to a buffer overflow. By sending a specially crafted, but valid hostna...
Security Bulletin: Vulnerability in SSLv3 affects IBM XIV Storage System Gen 2 (CVE-2014-3566)
Summary SSLv3 contains a vulnerability that has been referred to as the Padding Oracle On Downgraded Legacy Encryption POODLE attack. SSLv3 is enabled in IBM XIV Storage System Gen2. Vulnerability Details CVEID: CVE-2014-3566 DESCRIPTION: Product could allow a remote attacker to obtain sensitive...
Security Bulletin: Vulnerability in SSLv3 affects IBM XIV Storage System Gen 3.0 (CVE-2014-3566)
Summary SSLv3 contains a vulnerability that has been referred to as the Padding Oracle On Downgraded Legacy Encryption POODLE attack. SSLv3 is enabled in IBM XIV Storage System Gen 3.0 Vulnerability Details CVEID: CVE-2014-3566 DESCRIPTION: Product could allow a remote attacker to obtain sensitiv...
Security Bulletin: IBM XIV Gen2 OpenSSL vulnerability CVE-2014-0224
Summary IBM XIV Gen2 is vulnerable to CVE-2014-0224, which exposes users to a man-in-the-middle attack when using CIM-based management. This vulnerability was reported on June 5, 2014 by the OpenSSL project Vulnerability Details CVE-ID: CVE-2014-0224 DESCRIPTION: OpenSSL is vulnerable to a...
Security Bulletin: IBM XIV Gen3 Storage System is exposed to the following OpenSSL vulnerability: CVE-2014-0224
Summary Security vulnerabilities have been discovered in OpenSSL that were reported on June 5, 2014 by the OpenSSL Project. IBM XIV Gen3 Storage System is exposed to CVE-2014-0224. Vulnerability Details CVE-ID: CVE-2014-0224 DESCRIPTION: OpenSSL is vulnerable to a man-in-the-middle attack, caused...
Security Bulletin: IBM XIV is affected by a vulnerability in OpenSSL (CVE-2014-0160)
Summary A security vulnerability has been discovered in OpenSSL. Vulnerability Details CVE-ID: CVE-2014-0160 DESCRIPTION: OpenSSL could allow a remote attacker to obtain sensitive information, caused by an error in the TLS/DTLS heartbeat functionality. An attacker could exploit this vulnerability...