PT-2023-13702 · Ibm · Ibm Spectrum Virtualize

Name of the Vulnerable Software and Affected Versions: IBM Spectrum Virtualize versions 7.8, 8.2, 8.3, 8.4, 8.5 Description: The issue could disclose sensitive information to an attacker using man-in-the-middle techniques under certain configurations. Recommendations: For versions 7.8, 8.2, 8.3,...

CVE-2022-42327

x86: unintended memory sharing between guests On Intel systems that support the "virtualize APIC accesses" feature, a guest can read and write the global shared xAPIC page by moving the local APIC out of xAPIC mode. Access to this shared page bypasses the expected isolation that should exist...

Design/Logic Flaw

x86: unintended memory sharing between guests On Intel systems that support the "virtualize APIC accesses" feature, a guest can read and write the global shared xAPIC page by moving the local APIC out of xAPIC mode. Access to this shared page bypasses the expected isolation that should exist...

CVE-2022-42327

x86: unintended memory sharing between guests On Intel systems that support the "virtualize APIC accesses" feature, a guest can read and write the global shared xAPIC page by moving the local APIC out of xAPIC mode. Access to this shared page bypasses the expected isolation that should exist...

CVE-2022-42327

x86: unintended memory sharing between guests On Intel systems that support the "virtualize APIC accesses" feature, a guest can read and write the global shared xAPIC page by moving the local APIC out of xAPIC mode. Access to this shared page bypasses the expected isolation that should exist...

PT-2022-26367 · Intel +1 · Intel +1

Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided descriptions. Description: The issue concerns unintended memory sharing between guests on Intel systems that support the "virtualize APIC accesses" feature. A guest can read and...

The vulnerability of the software authentication mechanism of Spectrum Virtualize allows a perpetrator to escalate their privileges.

The vulnerability of the software authentication mechanism of Spectrum Virtualize is related to the use of strictly encrypted credentials. Exploiting this vulnerability can allow a malicious actor to gain increased privileges remotely...

Remote Support Authentication Vulnerability in IBM Spectrum Virtualize and Lenovo Storage V Series - Lenovo Support US

No description provided...

IBM Spectrum Virtualize Access Control Error Vulnerability

IBM Spectrum Virtualize is a block storage virtualization system from IBM USA. It improves data value, security, and simplicity for new and existing storage infrastructures.An access control error vulnerability exists in IBM Spectrum Virtualize versions 8.2, 8.3, and 8.4. The vulnerability stems...

CVE-2021-38969

IBM Spectrum Virtualize 8.2, 8.3, and 8.4 could allow an attacker to allow unauthorized access due to the reuse of support generated credentials. IBM X-Force ID: 212609...

Design/Logic Flaw

IBM Spectrum Virtualize 8.2, 8.3, and 8.4 could allow an attacker to allow unauthorized access due to the reuse of support generated credentials. IBM X-Force ID: 212609...

CVE-2021-38969

IBM Spectrum Virtualize 8.2, 8.3, and 8.4 could allow an attacker to allow unauthorized access due to the reuse of support generated credentials. IBM X-Force ID: 212609...

CVE-2021-38969

CVE-2021-38969 affects IBM Spectrum Virtualize 8.2, 8.3, and 8.4. The issue arises from reuse of support-generated credentials in the remote-support authentication mechanism, potentially allowing an attacker to obtain unauthorized access to the product’s management GUI. IBM Essen... (IBM Security...

IBM Spectrum Virtualize 信任管理问题漏洞

IBM Spectrum Virtualize is a block storage virtualization system from IBM USA. It improves data value, security, and simplicity for new and existing storage infrastructures.An access control error vulnerability exists in IBM Spectrum Virtualize versions 8.2, 8.3, and 8.4. The vulnerability stems...

Security Bulletin: IBM Spectrum Virtualize Family Storage Replication Adapter (SRA) is affected by a vulnerability in Apache Log4j (CVE-2021-4104)

Summary A vulnerability was identified within the Apache Log4j library that is used by IBM Spectrum Virtualize Family Storage Replication Adapter SRA for IBM Spectrum Virtualize family storage systems. This vulnerability has been addressed. Vulnerability Details CVEID: CVE-2021-4104 DESCRIPTION:...

Security Bulletin: IBM Storage Support for Microsoft Volume Shadow Copy Service (VSS) and Virtual Disk Service (VDS) is affected by a vulnerability in Apache Log4j (CVE-2021-4104)

Summary A vulnerability was identified within the Apache Log4j library that is used by IBM Storage Support for Microsoft Volume Shadow Copy Service VSS and Virtual Disk Service VDS for IBM Spectrum Virtualize family and IBM DS8000 family storage systems. This vulnerability has been addressed...

IBM Spectrum Virtualize Elevation of Privilege Vulnerability

IBM Spectrum Virtualize is a software-only storage product that supports software-defined storage to manage and protect massive amounts of data. An elevation of privilege vulnerability exists in IBM Spectrum Virtualize 8.3.1. A remote user authenticated via LDAP can exploit this vulnerability to...

CVE-2020-4686

IBM Spectrum Virtualize 8.3.1 could allow a remote user authenticated via LDAP to escalate their privileges and perform actions they should not have access to. IBM X-Force ID: 186678...

CVE-2020-4686

IBM Spectrum Virtualize 8.3.1 could allow a remote user authenticated via LDAP to escalate their privileges and perform actions they should not have access to. IBM X-Force ID: 186678...

Code injection

IBM Spectrum Virtualize 8.3.1 could allow a remote user authenticated via LDAP to escalate their privileges and perform actions they should not have access to. IBM X-Force ID: 186678...