9 results (0.009 seconds)

CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 0

IBM Storwize V7000 Unified (2073) 1.6 configuration may allow an attacker to reveal the server version in default installation, which could be used in further attacks against the system. IBM X-Force ID: 160699. La configuración de IBM Storwize V7000 Unified (2073) 1.6 puede permitir que un atacante revele la versión del servidor en la instalación predeterminada, que podría usarse en futuros ataques contra el sistema. ID de IBM X-Force: 160699. • http://www.securityfocus.com/bid/108445 https://exchange.xforce.ibmcloud.com/vulnerabilities/160699 https://www.ibm.com/support/docview.wss?uid=ibm10884656 •

CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0

The IBM Storwize V7000 Unified management Web interface 1.6 exposes internal cluster details to unauthenticated users. IBM X-Force ID: 140398. La interfaz de gestión web en IBM Storwize V7000 Unified 1.6 expone detalles internos del clúster a usuarios no autenticados. IBM X-Force ID: 140398. Vulnerabilities were identified in the IBM Flashsystem 840, IBM Flashsystem 900 and IBM Storwize V7000. • http://www.ibm.com/support/docview.wss?uid=ssg1S1012293 http://www.securityfocus.com/bid/104290 https://exchange.xforce.ibmcloud.com/vulnerabilities/140398 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •

CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 0

IBM System Storage Storwize V7000 Unified (V7000U) 1.5 and 1.6 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 126868. IBM System Storage Storwize V7000 Unified (V7000U) 1.5 y 1.6 utiliza algoritmos criptográficos más débiles de lo esperado que podrían permitir que un atacante descifre información altamente sensible. IBM X-Force ID: 126868. • http://www.ibm.com/support/docview.wss?uid=ssg1S1010657 http://www.securityfocus.com/bid/101561 https://exchange.xforce.ibmcloud.com/vulnerabilities/126868 • CWE-326: Inadequate Encryption Strength •

CVSS: 2.1EPSS: 0%CPEs: 11EXPL: 0

IBM SONAS and System Storage Storwize V7000 Unified (aka V7000U) 1.3.x and 1.4.x before 1.4.3.4 store the chkauth password in the audit log, which allows local users to obtain sensitive information by reading this log file. IBM SONAS y System Storage Storwize V7000 Unified (también conocido como V7000U) 1.3.x y 1.4.x anterior a 1.4.3.4 almacena la contraseña chkauth en el registro de auditoría, lo que permite a usuarios locales obtener información sensible mediante la lectura del registro. • http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004837 https://exchange.xforce.ibmcloud.com/vulnerabilities/93906 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •

CVSS: 6.5EPSS: 0%CPEs: 16EXPL: 0

IBM Storwize V7000 Unified 1.3.x and 1.4.x before 1.4.3.3 allows remote authenticated users to gain privileges by leveraging access to the service account. IBM Storwize V7000 Unified 1.3.x y 1.4.x anterior a 1.4.3.3 permite a usuarios remotos autenticados ganar privilegios mediante el aprovechamiento del acceso a la cuenta de servicio. • http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004811 • CWE-264: Permissions, Privileges, and Access Controls •