CVE-2013-0500

Name of the Vulnerable Software and Affected Versions IBM Storwize V7000 Unified versions 1.3.x through 1.4.1

Description The issue arises from improper handling of device files created with the NFS protocol but accessed through non-NFS protocols. This allows remote authenticated users to potentially obtain sensitive information, modify programs or files, or cause a denial of service, resulting in a device crash. The exploitation can occur via various operations, including CIFS, HTTPS, SCP, or SFTP.

Recommendations For IBM Storwize V7000 Unified versions 1.3.x through 1.4.1, update to version 1.4.2.0 or later to resolve the issue.