Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline

Storwize V7000 Unified Security Vulnerabilities

cve
cve

CVE-2013-0500

IBM Storwize V7000 Unified 1.3.x and 1.4.x before 1.4.2.0 does not properly handle device files that are created with the NFS protocol but accessed with a non-NFS protocol, which allows remote authenticated users to obtain sensitive information, modify programs or files, or cause a denial of servic...

6.3AI Score

0.001EPSS

2013-10-17 12:55 AM
26
cve
cve

CVE-2013-5376

Cross-site scripting (XSS) vulnerability in IBM Storwize V7000 Unified 1.3.x and 1.4.x before 1.4.2.0 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors, related to a "cross frame scripting" attack against an administrative user.

5.2AI Score

0.001EPSS

2013-10-17 12:55 AM
22
cve
cve

CVE-2018-1467

The IBM Storwize V7000 Unified management Web interface 1.6 exposes internal cluster details to unauthenticated users. IBM X-Force ID: 140398.

7.5CVSS

7.5AI Score

0.001EPSS

2018-05-25 02:29 PM
22
cve
cve

CVE-2019-4293

IBM Storwize V7000 Unified (2073) 1.6 configuration may allow an attacker to reveal the server version in default installation, which could be used in further attacks against the system. IBM X-Force ID: 160699.

5.3CVSS

5AI Score

0.002EPSS

2019-05-20 06:29 PM
24