CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 0CVE-2019-4293
https://notcve.org/view.php?id=CVE-2019-4293
20 May 2019 — IBM Storwize V7000 Unified (2073) 1.6 configuration may allow an attacker to reveal the server version in default installation, which could be used in further attacks against the system. IBM X-Force ID: 160699. La configuración de IBM Storwize V7000 Unified (2073) 1.6 puede permitir que un atacante revele la versión del servidor en la instalación predeterminada, que podría usarse en futuros ataques contra el sistema. ID de IBM X-Force: 160699. • http://www.securityfocus.com/bid/108445 •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 1CVE-2018-1467 – IBM Flashsystem / Storwize CSRF / Arbitrary File Read / Information Disclosure
https://notcve.org/view.php?id=CVE-2018-1467
14 May 2018 — The IBM Storwize V7000 Unified management Web interface 1.6 exposes internal cluster details to unauthenticated users. IBM X-Force ID: 140398. La interfaz de gestión web en IBM Storwize V7000 Unified 1.6 expone detalles internos del clúster a usuarios no autenticados. IBM X-Force ID: 140398. Vulnerabilities were identified in the IBM Flashsystem 840, IBM Flashsystem 900 and IBM Storwize V7000. • https://packetstorm.news/files/id/147601 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 0CVE-2017-1375
https://notcve.org/view.php?id=CVE-2017-1375
24 Oct 2017 — IBM System Storage Storwize V7000 Unified (V7000U) 1.5 and 1.6 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 126868. IBM System Storage Storwize V7000 Unified (V7000U) 1.5 y 1.6 utiliza algoritmos criptográficos más débiles de lo esperado que podrían permitir que un atacante descifre información altamente sensible. IBM X-Force ID: 126868. • http://www.ibm.com/support/docview.wss?uid=ssg1S1010657 • CWE-326: Inadequate Encryption Strength •