PT-2018-4048 · Ibm · Ibm Xiv Storage System 2812-114+3

Published

2018-02-08

·

Updated

2018-03-10

·

CVE-2012-2166

CVSS v2.0

10

High

VectorAV:N/AC:L/Au:N/C:C/I:C/A:C
Name of the Vulnerable Software and Affected Versions IBM XIV Storage System 2810-A14 versions prior to 10.2.4.e-2 IBM XIV Storage System 2812-A14 versions prior to 10.2.4.e-2 IBM XIV Storage System 2810-114 versions prior to 11.1.1 IBM XIV Storage System 2812-114 versions prior to 11.1.1
Description The issue allows remote attackers to gain user access due to hardcoded passwords for unspecified accounts.
Recommendations For IBM XIV Storage System 2810-A14 versions prior to 10.2.4.e-2, update to level 10.2.4.e-2 or later. For IBM XIV Storage System 2812-A14 versions prior to 10.2.4.e-2, update to level 10.2.4.e-2 or later. For IBM XIV Storage System 2810-114 versions prior to 11.1.1, update to level 11.1.1 or later. For IBM XIV Storage System 2812-114 versions prior to 11.1.1, update to level 11.1.1 or later.

Fix

Using Hardcoded Credentials

Found an issue in the description? Have something to add? Feel free to write us 👾
dbugs@ptsecurity.com

Weakness Enumeration

CWE-798

Related Identifiers

CVE-2012-2166

Affected Products

Ibm Xiv Storage System 2810-114
Ibm Xiv Storage System 2810-A14
Ibm Xiv Storage System 2812-114
Ibm Xiv Storage System 2812-A14