3 matches found
CVE-2020-4987
CVE-2020-4987 affects IBM FlashSystem 900 user management GUI. Stored XSS in the web UI allows embedding arbitrary JavaScript, potentially leading to credentials disclosure within a trusted session. Affected code is VRMF 1.5.2.8 and prior and 1.6.1.2 and prior; fixes are available: 1.6.1.3 (1.6 s...
CVE-2018-1822
CVE-2018-1822 affects IBM FlashSystem 840 and 900 GUI. The vulnerability allows a crafted attack to bypass authentication, enabling remote escalation of privileges and potential administrative control or denial of service. Affected MTMs include FlashSystem 840 (9840-AE1, 9843-AE1) and FlashSystem...
CVE-2018-1495
IBM FlashSystem V840 and V900 are affected by CVE-2018-1495. An authenticated attacker with specialized access could overwrite arbitrary files, potentially causing a denial of service. The IBM bulletin details affected platforms (FlashSystem 840 MTMs 9840-AE1/9843-AE1; FlashSystem 900 MTMs 9840-A...