Lucene search
K

197 matches found

Tenable Nessus
Tenable Nessus
added 2018/02/15 12:0 a.m.27 views

IBM San Volume Controller / Storwize / FlashSystem 8.1.x < 8.1.0.1 privilege escalation vulnerability

According to its self-reported version number, the IBM San Volume Controller, Storwize or FlashSystem is vulnerable to an unspecified privilege escalation vulnerability within the Service Assistant GUI. C Tenable Network Security, Inc. include'compat.inc'; if description scriptid106844;...

9.8CVSS8.4AI score0.03498EPSS
Exploits0References2
Lenovo
Lenovo
added 2017/12/01 12:0 a.m.59 views

Vulnerability in Service Assistance GUI for Lenovo Storage and Storwize Products - lu

Lenovo Security Advisory: LEN-18236 Potential Impact: A vulnerability in the Service Assistant GUI could allow a remote attacker to perform a privilege escalation. Severity: High Scope of Impact: Lenovo Storage/IBM Storwize CVE Identifier: CVE-2017-1710 Summary Description: A vulnerability in the...

7.5CVSS9.4AI score0.03498EPSS
Exploits0
Lenovo
Lenovo
added 2017/12/01 12:0 a.m.0 views

Vulnerability in Service Assistance GUI for Lenovo Storage and Storwize Products - Lenovo Support NL

No description provided...

5.8AI score
Exploits0
NVD
NVD
added 2014/09/12 1:55 a.m.18 views

CVE-2014-4811

IBM Storwize 3500, 3700, 5000, and 7000 devices and SAN Volume Controller 6.x and 7.x before 7.2.0.8 allow remote attackers to reset the administrator superuser password to its default value via a direct request to the administrative IP address...

7.5CVSS6.7AI score0.02736EPSS
Exploits0References4
Prion
Prion
added 2014/09/12 1:55 a.m.20 views

Design/Logic Flaw

IBM Storwize 3500, 3700, 5000, and 7000 devices and SAN Volume Controller 6.x and 7.x before 7.2.0.8 allow remote attackers to reset the administrator superuser password to its default value via a direct request to the administrative IP address...

7.5CVSS7.3AI score0.02736EPSS
Exploits0References4Affected Software1
CVE
CVE
added 2014/09/12 1:0 a.m.61 views

CVE-2014-4811

Summary (CVE-2014-4811) IBM Storwize family (V3500, V3700, V5000, V7000) and SAN Volume Controller prior to 7.2.0.8 are vulnerable. An unauthorized remote user with network access to the system’s administrative IP can reset the administrator superuser password to a default value via a web browser...

7.5CVSS6.9AI score0.02736EPSS
Exploits0References4Affected Software5
Cvelist
Cvelist
added 2014/09/12 1:0 a.m.22 views

CVE-2014-4811

IBM Storwize 3500, 3700, 5000, and 7000 devices and SAN Volume Controller 6.x and 7.x before 7.2.0.8 allow remote attackers to reset the administrator superuser password to its default value via a direct request to the administrative IP address...

6.7AI score0.02736EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2014/07/03 12:0 a.m.26 views

IBM Storwize Authenticated Information Disclosure

The remote Storwize device is a model that is affected by an authenticated information disclosure vulnerability. In the event of a hardware fault, memory contents containing customer data may be written to a file that can be read by an authenticated user of the system who may not otherwise have...

4CVSS5.6AI score0.01634EPSS
Exploits0References3
NVD
NVD
added 2014/03/29 1:55 a.m.24 views

CVE-2014-0880

IBM SAN Volume Controller; Storwize V3500, V3700, V5000, and V7000; and Flex System V7000 with software 6.3 and 6.4 before 6.4.1.8, and 7.1 and 7.2 before 7.2.0.3, allow remote attackers to obtain CLI access, and consequently cause a denial of service, via unspecified traffic to the administrativ...

7.5CVSS6.6AI score0.01912EPSS
Exploits0References2
Prion
Prion
added 2014/03/29 1:55 a.m.15 views

Code injection

IBM SAN Volume Controller; Storwize V3500, V3700, V5000, and V7000; and Flex System V7000 with software 6.3 and 6.4 before 6.4.1.8, and 7.1 and 7.2 before 7.2.0.3, allow remote attackers to obtain CLI access, and consequently cause a denial of service, via unspecified traffic to the administrativ...

7.5CVSS7.2AI score0.01912EPSS
Exploits0References2Affected Software6
Cvelist
Cvelist
added 2014/03/29 1:0 a.m.28 views

CVE-2014-0880

IBM SAN Volume Controller; Storwize V3500, V3700, V5000, and V7000; and Flex System V7000 with software 6.3 and 6.4 before 6.4.1.8, and 7.1 and 7.2 before 7.2.0.3, allow remote attackers to obtain CLI access, and consequently cause a denial of service, via unspecified traffic to the administrativ...

6.6AI score0.01912EPSS
Exploits0References2
CVE
CVE
added 2014/03/29 1:0 a.m.59 views

CVE-2014-0880

CVE-2014-0880 affects IBM SAN Volume Controller and Storwize family (V3500/V3700/V5000/V7000 and Flex System V7000; Lenovo/IBM code lines 6.3–7.2). Root cause: an unauthorized network-grade user can access the system’s administrative IP and gain CLI access, enabling issuance of all administrative...

7.5CVSS6.8AI score0.01912EPSS
Exploits0References2Affected Software2
Symantec
Symantec
added 2014/03/27 12:0 a.m.28 views

Multiple IBM Products CVE-2014-0880 Security Bypass Vulnerability

Description Multiple IBM Products are prone to a security bypass vulnerability. Attackers can exploit this issue to bypass security restrictions to perform unauthorized actions; this may aid in launching further attacks. The following products are vulnerable: IBM SAN Volume Controller 6.3, 6.4,...

7.5CVSS1.5AI score0.01912EPSS
Exploits0Affected Software6
NVD
NVD
added 2013/02/19 7:55 p.m.19 views

CVE-2012-6354

The management GUI on the IBM SAN Volume Controller and Storwize V7000 6.x before 6.4.1.3 allows remote attackers to bypass authentication and obtain superuser access via IP packets...

7.5CVSS6.8AI score0.02044EPSS
Exploits0References2
Prion
Prion
added 2013/02/19 7:55 p.m.18 views

Authentication flaw

The management GUI on the IBM SAN Volume Controller and Storwize V7000 6.x before 6.4.1.3 allows remote attackers to bypass authentication and obtain superuser access via IP packets...

7.5CVSS7.3AI score0.02044EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2013/02/19 7:0 p.m.79 views

CVE-2012-6354

CVE-2012-6354 affects IBM SAN Volume Controller and Storwize family (V7000, V3500, V3700, and Flex System V7000) where the management GUI on the IP interface allows an unauthenticated user to obtain superuser access. The issue is exploitable by someone with access to the system’s management IP in...

7.5CVSS7AI score0.02044EPSS
Exploits0References2Affected Software2
Cvelist
Cvelist
added 2013/02/19 7:0 p.m.22 views

CVE-2012-6354

The management GUI on the IBM SAN Volume Controller and Storwize V7000 6.x before 6.4.1.3 allows remote attackers to bypass authentication and obtain superuser access via IP packets...

6.8AI score0.02044EPSS
Exploits0References2
Rows per page
Query Builder