Описание
IBM XIV Storage System Gen3 before 11.2 relies on a default X.509 v3 certificate for authentication, which allows man-in-the-middle attackers to spoof servers by leveraging an inappropriate certificate-trust relationship.
Уязвимые конфигурации
Конфигурация 1Версия до 11.1 (включая)
cpe:2.3:h:ibm:xiv_storage_system_gen3:*:*:*:*:*:*:*:*
EPSS
Процентиль: 30%
0.0011
Низкий
4.3 Medium
CVSS2
Дефекты
CWE-310
Связанные уязвимости
github
больше 3 лет назад
IBM XIV Storage System Gen3 before 11.2 relies on a default X.509 v3 certificate for authentication, which allows man-in-the-middle attackers to spoof servers by leveraging an inappropriate certificate-trust relationship.
EPSS
Процентиль: 30%
0.0011
Низкий
4.3 Medium
CVSS2
Дефекты
CWE-310