CVSS: 7.1EPSS: 0%CPEs: 2EXPL: 0CVE-2014-3045
https://notcve.org/view.php?id=CVE-2014-3045
19 Jul 2014 — IBM Scale Out Network Attached Storage (SONAS) 1.3.x and 1.4.x before 1.4.3.3 places an administrative password in the shell history upon use of the -p option to chuser, which allows local users to obtain sensitive information by leveraging root access. IBM Scale Out Network Attached Storage (SONAS) 1.3.x y 1.4.x anterior a 1.4.3.3 situa la contraseña administrativa en el historial del shell al utilizar la opción -p para 'chuser', lo que permite a usuarios locales obtener información sensible mediante el ap... • http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004815 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2012-0706
https://notcve.org/view.php?id=CVE-2012-0706
07 Apr 2013 — IBM Scale Out Network Attached Storage (SONAS) 1.3 before 1.3.2.3 requires cleartext storage of LDAP credentials without recommending a less privileged LDAP account, which might allow attackers to obtain sensitive server information by leveraging root access to a client machine. IBM Scale Out Network Attached Storage (SONAS) 1.3 anterior a 1.3.2.3, requiere el almacenamiento en texto planto de las credenciales LDAP sin recomendar una cuenta con menos privilegios, lo que podría permitir a atacantes obtener i... • http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004292 • CWE-255: Credentials Management Errors CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 9.0EPSS: 0%CPEs: 2EXPL: 0CVE-2012-2163
https://notcve.org/view.php?id=CVE-2012-2163
30 Jul 2012 — IBM Scale Out Network Attached Storage (SONAS) 1.1 through 1.3.1 allows remote authenticated administrators to execute arbitrary Linux commands via the (1) Command Line Interface or (2) Graphical User Interface, related to a "code injection" issue. IBM Scale Out Network Attached Storage (SONAS) v1.1 hasta v1.3.1 permite a administradores remotos autenticados ejecutar comandos arbitrarios de Linux a través de la (1) interfaz de línea de comandos o (2) interfaz gráfica de usuario, relacionada con asunto de "i... • http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004170 • CWE-264: Permissions, Privileges, and Access Controls •