PT-2018-12654 · Ibm · Ibm Storwize V7000 Unified

Jan Bee

Published

2018-05-25

Updated

2019-10-09

CVE-2018-1467

CVSS v3.1

7.5

High

Vector

AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Name of the Vulnerable Software and Affected Versions IBM Storwize V7000 Unified management Web interface version 1.6

Description The management Web interface exposes internal cluster details to unauthenticated users, potentially allowing access to sensitive information.

Recommendations For IBM Storwize V7000 Unified management Web interface version 1.6, consider restricting access to the Web interface until a fix is available.

Fix

Information Disclosure

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-200

Related Identifiers

CVE-2018-1467

Affected Products

Ibm Storwize V7000 Unified

PT-2018-12654 · Ibm · Ibm Storwize V7000 Unified

CVE-2018-1467

Weakness Enumeration

Related Identifiers

Affected Products

References · 5