Spectrum Virtualize For Public Cloud Security Vulnerabilities and Issues — Spectrum Virtualize For Public Cloud CVE List

Lucene search

IbmSpectrum Virtualize For Public Cloud

10 matches found

CVE•added 2018/05/17 9:29 p.m.•57 views

CVE-2018-1465

IBM SAN Volume Controller, IBM Storwize, IBM Spectrum Virtualize and IBM FlashSystem products ( 6.1, 6.2, 6.3, 6.4, 7.1, 7.2, 7.3, 7.4, 7.5, 7.6, 7.6.1, 7.7, 7.7.1, 7.8, 7.8.1, 8.1, and 8.1.1) could allow an authenticated user to obtain the private key which could make intercepting GUI communicatio...

5.3CVSS6.2AI score0.00278EPSS

CVE•added 2018/05/17 9:29 p.m.•55 views

CVE-2018-1461

IBM SAN Volume Controller, IBM Storwize, IBM Spectrum Virtualize and IBM FlashSystem products ( 6.1, 6.2, 6.3, 6.4, 7.1, 7.2, 7.3, 7.4, 7.5, 7.6, 7.6.1, 7.7, 7.7.1, 7.8, 7.8.1, 8.1, and 8.1.1) are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code...

5.4CVSS6AI score0.00307EPSS

CVE•added 2018/05/17 9:29 p.m.•55 views

CVE-2018-1463

IBM SAN Volume Controller, IBM Storwize, IBM Spectrum Virtualize and IBM FlashSystem products ( 6.1, 6.2, 6.3, 6.4, 7.1, 7.2, 7.3, 7.4, 7.5, 7.6, 7.6.1, 7.7, 7.7.1, 7.8, 7.8.1, 8.1, and 8.1.1) could allow an authenticated user to access system files they should not have access to some of which coul...

6.5CVSS7AI score0.00183EPSS

CVE•added 2021/10/21 5:15 p.m.•54 views

CVE-2021-29873

IBM Flash System 900 could allow an authenticated attacker to obtain sensitive information and cause a denial of service due to a restricted shell escape vulnerability. IBM X-Force ID: 206229.

8.8CVSS7.6AI score0.00431EPSS

CVE•added 2018/05/17 9:29 p.m.•53 views

CVE-2018-1434

IBM SAN Volume Controller, IBM Storwize, IBM Spectrum Virtualize and IBM FlashSystem products ( 6.1, 6.2, 6.3, 6.4, 7.1, 7.2, 7.3, 7.4, 7.5, 7.6, 7.6.1, 7.7, 7.7.1, 7.8, 7.8.1, 8.1, and 8.1.1) are vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauth...

8.8CVSS8.3AI score0.00214EPSS

CVE•added 2018/05/17 9:29 p.m.•53 views

CVE-2018-1464

IBM SAN Volume Controller, IBM Storwize, IBM Spectrum Virtualize and IBM FlashSystem products ( 6.1, 6.2, 6.3, 6.4, 7.1, 7.2, 7.3, 7.4, 7.5, 7.6, 7.6.1, 7.7, 7.7.1, 7.8, 7.8.1, 8.1, and 8.1.1) could allow an authenticated user to obtain sensitive information that they should not have authorization ...

6.5CVSS6.8AI score0.00278EPSS

CVE•added 2018/05/17 9:29 p.m.•52 views

CVE-2018-1462

IBM SAN Volume Controller, IBM Storwize, IBM Spectrum Virtualize and IBM FlashSystem products ( 6.1, 6.2, 6.3, 6.4, 7.1, 7.2, 7.3, 7.4, 7.5, 7.6, 7.6.1, 7.7, 7.7.1, 7.8, 7.8.1, 8.1, and 8.1.1) could allow an authenticated user to access system files they should not have access to including deleting...

7.6CVSS7.6AI score0.00464EPSS

CVE•added 2018/05/17 9:29 p.m.•50 views

CVE-2018-1466

IBM SAN Volume Controller, IBM Storwize, IBM Spectrum Virtualize and IBM FlashSystem products (6.1, 6.2, 6.3, 6.4, 7.1, 7.2, 7.3, 7.4, 7.5, 7.6, 7.6.1, 7.7, 7.7.1, 7.8, 7.8.1, 8.1, and 8.1.1) use weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive ...

5.3CVSS6.3AI score0.00129EPSS

CVE•added 2018/05/17 9:29 p.m.•49 views

CVE-2018-1438

IBM SAN Volume Controller, IBM Storwize, IBM Spectrum Virtualize and IBM FlashSystem products ( 6.1, 6.2, 6.3, 6.4, 7.1, 7.2, 7.3, 7.4, 7.5, 7.6, 7.6.1, 7.7, 7.7.1, 7.8, 7.8.1, 8.1, and 8.1.1) web handler /DLSnap could allow an unauthenticated attacker to read arbitrary files on the system. IBM X-F...

7.5CVSS7.7AI score0.00537EPSS

CVE•added 2018/05/17 9:29 p.m.•41 views

CVE-2018-1433

IBM SAN Volume Controller, IBM Storwize, IBM Spectrum Virtualize and IBM FlashSystem products ( 6.1, 6.2, 6.3, 6.4, 7.1, 7.2, 7.3, 7.4, 7.5, 7.6, 7.6.1, 7.7, 7.7.1, 7.8, 7.8.1, 8.1, and 8.1.1) web handler /DownloadFile does not require authentication to read arbitrary files from the system. IBM X-F...

7.5CVSS7.4AI score0.00455EPSS