CVE-2014-4811

Name of the Vulnerable Software and Affected Versions IBM Storwize versions 3500, 3700, 5000, and 7000 SAN Volume Controller versions 6.x through 7.x before 7.2.0.8

Description The issue allows remote attackers to reset the administrator superuser password to its default value via a direct request to the administrative IP address.

Recommendations For SAN Volume Controller versions 6.x through 7.x before 7.2.0.8, update to version 7.2.0.8 or later to resolve the issue. For IBM Storwize versions 3500, 3700, 5000, and 7000, update to a version that includes the fix for this issue, as no specific version is mentioned as being updated.