CVE-2023-50948

Name of the Vulnerable Software and Affected Versions IBM Storage Fusion HCI versions 2.1.0 through 2.6.1

Description The issue concerns the use of hard-coded credentials, such as a password or cryptographic key, which the software uses for its own inbound authentication, outbound communication to external components, or encryption of internal data. This could allow a remote attacker to gain unauthorized access to protected information.

Recommendations For IBM Storage Fusion HCI versions 2.1.0 through 2.6.1, consider disabling the use of hard-coded credentials as a temporary workaround until a patch is available. Restrict access to sensitive components and data to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.