Описание
IBM SONAS and System Storage Storwize V7000 Unified (aka V7000U) 1.3.x and 1.4.x before 1.4.3.4 store the chkauth password in the audit log, which allows local users to obtain sensitive information by reading this log file.
Уязвимые конфигурации
Конфигурация 1
Одновременно
Одно из
cpe:2.3:a:ibm:storwize_v7000_unified_software:1.3.0.0:*:*:*:*:*:*:*
cpe:2.3:a:ibm:storwize_v7000_unified_software:1.3.2.0:*:*:*:*:*:*:*
cpe:2.3:a:ibm:storwize_v7000_unified_software:1.3.2.3:*:*:*:*:*:*:*
cpe:2.3:a:ibm:storwize_v7000_unified_software:1.4.0.0:*:*:*:*:*:*:*
cpe:2.3:a:ibm:storwize_v7000_unified_software:1.4.0.4:*:*:*:*:*:*:*
cpe:2.3:a:ibm:storwize_v7000_unified_software:1.4.1.0:*:*:*:*:*:*:*
cpe:2.3:a:ibm:storwize_v7000_unified_software:1.4.1.1:*:*:*:*:*:*:*
cpe:2.3:a:ibm:storwize_v7000_unified_software:1.4.2.0:*:*:*:*:*:*:*
cpe:2.3:a:ibm:storwize_v7000_unified_software:1.4.3.0:*:*:*:*:*:*:*
cpe:2.3:a:ibm:storwize_v7000_unified_software:1.4.3.3:*:*:*:*:*:*:*
cpe:2.3:h:ibm:storwize_unified_v7000:-:*:*:*:*:*:*:*
EPSS
Процентиль: 16%
0.0005
Низкий
2.1 Low
CVSS2
Дефекты
CWE-200
Связанные уязвимости
github
больше 3 лет назад
IBM SONAS and System Storage Storwize V7000 Unified (aka V7000U) 1.3.x and 1.4.x before 1.4.3.4 store the chkauth password in the audit log, which allows local users to obtain sensitive information by reading this log file.
EPSS
Процентиль: 16%
0.0005
Низкий
2.1 Low
CVSS2
Дефекты
CWE-200