Описание
IBM System Storage Storwize V7000 Unified 1.3.x and 1.4.x before 1.4.3.0 does not properly restrict the content of a dump file upon encountering a 1691 hardware fault, which allows remote authenticated users to obtain sensitive customer-data fragments by reading this file after it is copied.
Ссылки
- Vendor Advisory
- Vendor Advisory
Уязвимые конфигурации
Конфигурация 1
Одновременно
Одно из
cpe:2.3:a:ibm:storwize_unified_v7000_software:1.3.0.0:*:*:*:*:*:*:*
cpe:2.3:a:ibm:storwize_unified_v7000_software:1.3.1.0:*:*:*:*:*:*:*
cpe:2.3:a:ibm:storwize_unified_v7000_software:1.4.0.0:*:*:*:*:*:*:*
cpe:2.3:a:ibm:storwize_unified_v7000_software:1.4.0.1:*:*:*:*:*:*:*
cpe:2.3:a:ibm:storwize_unified_v7000_software:1.4.0.2:*:*:*:*:*:*:*
cpe:2.3:a:ibm:storwize_unified_v7000_software:1.4.0.3:*:*:*:*:*:*:*
cpe:2.3:a:ibm:storwize_unified_v7000_software:1.4.0.4:*:*:*:*:*:*:*
cpe:2.3:a:ibm:storwize_unified_v7000_software:1.4.0.5:*:*:*:*:*:*:*
cpe:2.3:a:ibm:storwize_unified_v7000_software:1.4.1.0:*:*:*:*:*:*:*
cpe:2.3:a:ibm:storwize_unified_v7000_software:1.4.1.1:*:*:*:*:*:*:*
cpe:2.3:a:ibm:storwize_unified_v7000_software:1.4.2.0:*:*:*:*:*:*:*
cpe:2.3:a:ibm:storwize_unified_v7000_software:1.4.2.1:*:*:*:*:*:*:*
cpe:2.3:h:ibm:storwize_unified_v7000:-:*:*:*:*:*:*:*
EPSS
Процентиль: 52%
0.00289
Низкий
4 Medium
CVSS2
Дефекты
CWE-264
Связанные уязвимости
github
больше 3 лет назад
IBM System Storage Storwize V7000 Unified 1.3.x and 1.4.x before 1.4.3.0 does not properly restrict the content of a dump file upon encountering a 1691 hardware fault, which allows remote authenticated users to obtain sensitive customer-data fragments by reading this file after it is copied.
EPSS
Процентиль: 52%
0.00289
Низкий
4 Medium
CVSS2
Дефекты
CWE-264