PT-2018-4048 · Ibm · Ibm Xiv Storage System 2812-114+3

Publicado

2018-02-08

·

Atualizado

2018-03-10

·

CVE-2012-2166

CVSS v2.0

10

Alta

VetorAV:N/AC:L/Au:N/C:C/I:C/A:C
Name of the Vulnerable Software and Affected Versions IBM XIV Storage System 2810-A14 versions prior to 10.2.4.e-2 IBM XIV Storage System 2812-A14 versions prior to 10.2.4.e-2 IBM XIV Storage System 2810-114 versions prior to 11.1.1 IBM XIV Storage System 2812-114 versions prior to 11.1.1
Description The issue allows remote attackers to gain user access due to hardcoded passwords for unspecified accounts.
Recommendations For IBM XIV Storage System 2810-A14 versions prior to 10.2.4.e-2, update to level 10.2.4.e-2 or later. For IBM XIV Storage System 2812-A14 versions prior to 10.2.4.e-2, update to level 10.2.4.e-2 or later. For IBM XIV Storage System 2810-114 versions prior to 11.1.1, update to level 11.1.1 or later. For IBM XIV Storage System 2812-114 versions prior to 11.1.1, update to level 11.1.1 or later.

Correção

Using Hardcoded Credentials

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-798

Identificadores relacionados

CVE-2012-2166

Produtos afetados

Ibm Xiv Storage System 2810-114
Ibm Xiv Storage System 2810-A14
Ibm Xiv Storage System 2812-114
Ibm Xiv Storage System 2812-A14