// For flags

CVE-2013-0500

 

Severity Score

5.4
*CVSS v2

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

0
*Multiple Sources

Exploited in Wild

-
*KEV

Decision

-
*SSVC
Descriptions

IBM Storwize V7000 Unified 1.3.x and 1.4.x before 1.4.2.0 does not properly handle device files that are created with the NFS protocol but accessed with a non-NFS protocol, which allows remote authenticated users to obtain sensitive information, modify programs or files, or cause a denial of service (device crash) via a (1) CIFS, (2) HTTPS, (3) SCP, or (4) SFTP operation.

IBM Storwize V7000 Unificado 1.3.xy 1.4.x con versiones anteriores a la 1.4.2.0 no trata correctamente los archivos del dispositivo que se crean con el protocolo NFS pero accesible con un protocolo no NFS, lo que permite a los usuarios autenticados remotos obtener información sensible, modificar programas o archivos, o causar una denegación de servicio (caída del aparato) a través de un (1) CIFS, (2) HTTPS, (3) SCP, o (4) la operación SFTP.

*Credits: N/A
CVSS Scores
Attack Vector
Network
Attack Complexity
Medium
Authentication
Multiple
Confidentiality
Partial
Integrity
Partial
Availability
Partial
* Common Vulnerability Scoring System
SSVC
  • Decision:-
Exploitation
-
Automatable
-
Tech. Impact
-
* Organization's Worst-case Scenario
Timeline
  • 2012-12-16 CVE Reserved
  • 2013-10-17 CVE Published
  • 2023-03-07 EPSS Updated
  • 2024-08-06 CVE Updated
  • ---------- Exploited in Wild
  • ---------- KEV Due Date
  • ---------- First Exploit
CWE
  • CWE-20: Improper Input Validation
CAPEC
Affected Vendors, Products, and Versions
Vendor Product Version Other Status
Vendor Product Version Other Status <-- --> Vendor Product Version Other Status
Ibm
Search vendor "Ibm"
Storwize V7000 Unified Software
Search vendor "Ibm" for product "Storwize V7000 Unified Software"
1.3.0.0
Search vendor "Ibm" for product "Storwize V7000 Unified Software" and version "1.3.0.0"
-
Affected
in Ibm
Search vendor "Ibm"
Storwize V7000 Unified
Search vendor "Ibm" for product "Storwize V7000 Unified"
--
Affected
Ibm
Search vendor "Ibm"
Storwize V7000 Unified Software
Search vendor "Ibm" for product "Storwize V7000 Unified Software"
1.3.2.0
Search vendor "Ibm" for product "Storwize V7000 Unified Software" and version "1.3.2.0"
-
Affected
in Ibm
Search vendor "Ibm"
Storwize V7000 Unified
Search vendor "Ibm" for product "Storwize V7000 Unified"
--
Affected
Ibm
Search vendor "Ibm"
Storwize V7000 Unified Software
Search vendor "Ibm" for product "Storwize V7000 Unified Software"
1.3.2.3
Search vendor "Ibm" for product "Storwize V7000 Unified Software" and version "1.3.2.3"
-
Affected
in Ibm
Search vendor "Ibm"
Storwize V7000 Unified
Search vendor "Ibm" for product "Storwize V7000 Unified"
--
Affected
Ibm
Search vendor "Ibm"
Storwize V7000 Unified Software
Search vendor "Ibm" for product "Storwize V7000 Unified Software"
1.4.0.0
Search vendor "Ibm" for product "Storwize V7000 Unified Software" and version "1.4.0.0"
-
Affected
in Ibm
Search vendor "Ibm"
Storwize V7000 Unified
Search vendor "Ibm" for product "Storwize V7000 Unified"
--
Affected
Ibm
Search vendor "Ibm"
Storwize V7000 Unified Software
Search vendor "Ibm" for product "Storwize V7000 Unified Software"
1.4.0.4
Search vendor "Ibm" for product "Storwize V7000 Unified Software" and version "1.4.0.4"
-
Affected
in Ibm
Search vendor "Ibm"
Storwize V7000 Unified
Search vendor "Ibm" for product "Storwize V7000 Unified"
--
Affected
Ibm
Search vendor "Ibm"
Storwize V7000 Unified Software
Search vendor "Ibm" for product "Storwize V7000 Unified Software"
1.4.1.0
Search vendor "Ibm" for product "Storwize V7000 Unified Software" and version "1.4.1.0"
-
Affected
in Ibm
Search vendor "Ibm"
Storwize V7000 Unified
Search vendor "Ibm" for product "Storwize V7000 Unified"
--
Affected
Ibm
Search vendor "Ibm"
Storwize V7000 Unified Software
Search vendor "Ibm" for product "Storwize V7000 Unified Software"
1.4.1.1
Search vendor "Ibm" for product "Storwize V7000 Unified Software" and version "1.4.1.1"
-
Affected
in Ibm
Search vendor "Ibm"
Storwize V7000 Unified
Search vendor "Ibm" for product "Storwize V7000 Unified"
--
Affected