PT-2014-5070 · Ibm · Ibm Sonas+1
Published
2014-09-15
·
Updated
2017-08-29
·
CVE-2014-3077
CVSS v2.0
2.1
Low
| Vector | AV:L/AC:L/Au:N/C:P/I:N/A:N |
Name of the Vulnerable Software and Affected Versions
IBM SONAS and System Storage Storwize V7000 Unified (aka V7000U) versions 1.3.x through 1.4.x before 1.4.3.4
Description
The issue allows local users to obtain sensitive information by reading the audit log file, where the chkauth password is stored.
Recommendations
For versions 1.3.x through 1.4.x before 1.4.3.4, update to version 1.4.3.4 or later to resolve the issue.
Fix
Information Disclosure
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Ibm Sonas
Ibm System Storage Storwize V7000 Unified