CVE-2014-4811

  1. Reconshell
  2. Vulnerabilities (CVE)
  3. CVE-2014-4811
IBM Storwize 3500, 3700, 5000, and 7000 devices and SAN Volume Controller 6.x and 7.x before 7.2.0.8 allow remote attackers to reset the administrator superuser password to its default value via a direct request to the administrative IP address.

7.5 /10

CVSS v2.0 : HIGH

V2 Legend

Vector : AV:N/AC:L/Au:N/C:P/I:P/A:P

Exploitability : 10.0 / Impact : 6.4

Access Vector NETWORK

Access Complexity LOW

Authentication NONE

Confidentiality Impact PARTIAL

Integrity Impact PARTIAL

Availability Impact PARTIAL

References
Link Resource
http://www.ibm.com/support/docview.wss?uid=ssg1S1004846 Patch Vendor Advisory
http://www.securityfocus.com/bid/69771
http://secunia.com/advisories/61075
https://exchange.xforce.ibmcloud.com/vulnerabilities/95387
Advertisement

NeevaHost hosting service
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:ibm:san_volume_controller_software:6.1.0.5:*:*:*:*:*:*:*
cpe:2.3:a:ibm:san_volume_controller_software:6.1.0.6:*:*:*:*:*:*:*
cpe:2.3:a:ibm:san_volume_controller_software:6.2.0.3:*:*:*:*:*:*:*
cpe:2.3:a:ibm:san_volume_controller_software:6.1.0.10:*:*:*:*:*:*:*
cpe:2.3:a:ibm:san_volume_controller_software:6.1.0.2:*:*:*:*:*:*:*
cpe:2.3:a:ibm:san_volume_controller_software:6.1.0.9:*:*:*:*:*:*:*
cpe:2.3:a:ibm:san_volume_controller_software:6.2.0.0:*:*:*:*:*:*:*
cpe:2.3:a:ibm:san_volume_controller_software:6.3.0.1:*:*:*:*:*:*:*
cpe:2.3:a:ibm:san_volume_controller_software:6.3.0.2:*:*:*:*:*:*:*
cpe:2.3:a:ibm:san_volume_controller_software:6.4.0.1:*:*:*:*:*:*:*
cpe:2.3:a:ibm:san_volume_controller_software:6.4.0.2:*:*:*:*:*:*:*
cpe:2.3:a:ibm:san_volume_controller_software:6.1.0.3:*:*:*:*:*:*:*
cpe:2.3:a:ibm:san_volume_controller_software:7.2.0.1:*:*:*:*:*:*:*
cpe:2.3:a:ibm:san_volume_controller_software:6.3.0.3:*:*:*:*:*:*:*
cpe:2.3:a:ibm:san_volume_controller_software:6.2.0.1:*:*:*:*:*:*:*
cpe:2.3:a:ibm:san_volume_controller_software:6.4.0.3:*:*:*:*:*:*:*
cpe:2.3:h:ibm:storwize_v3500:-:*:*:*:*:*:*:*
cpe:2.3:h:ibm:storwize_v3700:-:*:*:*:*:*:*:*
cpe:2.3:a:ibm:san_volume_controller_software:6.4.1.6:*:*:*:*:*:*:*
cpe:2.3:a:ibm:san_volume_controller_software:7.2.0.0:*:*:*:*:*:*:*
cpe:2.3:a:ibm:san_volume_controller_software:7.2.0.7:*:*:*:*:*:*:*
cpe:2.3:a:ibm:san_volume_controller_software:7.2.0.6:*:*:*:*:*:*:*
cpe:2.3:a:ibm:san_volume_controller_software:6.4.1.7:*:*:*:*:*:*:*
cpe:2.3:a:ibm:san_volume_controller_software:7.1.0.6:*:*:*:*:*:*:*
cpe:2.3:a:ibm:san_volume_controller_software:6.2.0.4:*:*:*:*:*:*:*
cpe:2.3:a:ibm:san_volume_controller_software:6.3.0.4:*:*:*:*:*:*:*
cpe:2.3:a:ibm:san_volume_controller_software:6.4.0.4:*:*:*:*:*:*:*
cpe:2.3:a:ibm:san_volume_controller_software:7.1.0.7:*:*:*:*:*:*:*
cpe:2.3:a:ibm:san_volume_controller_software:6.4.1.5:*:*:*:*:*:*:*
cpe:2.3:a:ibm:san_volume_controller_software:6.2.0.2:*:*:*:*:*:*:*
cpe:2.3:a:ibm:san_volume_controller_software:6.4.1.8:*:*:*:*:*:*:*
cpe:2.3:a:ibm:san_volume_controller_software:7.1.0.0:*:*:*:*:*:*:*
cpe:2.3:a:ibm:san_volume_controller_software:6.1.0.4:*:*:*:*:*:*:*
cpe:2.3:a:ibm:san_volume_controller_software:7.1.0.5:*:*:*:*:*:*:*
cpe:2.3:a:ibm:san_volume_controller_software:7.2.0.5:*:*:*:*:*:*:*
cpe:2.3:a:ibm:san_volume_controller_software:6.1.0.8:*:*:*:*:*:*:*
cpe:2.3:a:ibm:san_volume_controller_software:7.1.0.1:*:*:*:*:*:*:*
cpe:2.3:a:ibm:san_volume_controller_software:6.2.0.6:*:*:*:*:*:*:*
cpe:2.3:a:ibm:san_volume_controller_software:6.1.0.1:*:*:*:*:*:*:*
cpe:2.3:a:ibm:san_volume_controller_software:7.2.0.4:*:*:*:*:*:*:*
cpe:2.3:a:ibm:san_volume_controller_software:6.2.0.5:*:*:*:*:*:*:*
cpe:2.3:a:ibm:san_volume_controller_software:6.3.0.7:*:*:*:*:*:*:*
cpe:2.3:a:ibm:san_volume_controller_software:7.1.0.2:*:*:*:*:*:*:*
cpe:2.3:a:ibm:san_volume_controller_software:6.4.1.4:*:*:*:*:*:*:*
cpe:2.3:h:ibm:storwize_v7000:-:*:*:*:*:*:*:*
cpe:2.3:a:ibm:san_volume_controller_software:6.3.0.5:*:*:*:*:*:*:*
cpe:2.3:a:ibm:san_volume_controller_software:6.4.0.0:*:*:*:*:*:*:*
cpe:2.3:a:ibm:san_volume_controller_software:7.1.0.3:*:*:*:*:*:*:*
cpe:2.3:a:ibm:san_volume_controller_software:6.4.1.1:*:*:*:*:*:*:*
cpe:2.3:a:ibm:san_volume_controller_software:6.4.1.3:*:*:*:*:*:*:*
cpe:2.3:a:ibm:san_volume_controller_software:6.3.0.6:*:*:*:*:*:*:*
cpe:2.3:a:ibm:san_volume_controller_software:7.2.0.3:*:*:*:*:*:*:*
cpe:2.3:h:ibm:storwize_v5000:-:*:*:*:*:*:*:*
cpe:2.3:a:ibm:san_volume_controller_software:6.1.0.0:*:*:*:*:*:*:*
cpe:2.3:a:ibm:san_volume_controller_software:6.3.0.0:*:*:*:*:*:*:*
cpe:2.3:a:ibm:san_volume_controller_software:6.4.1.2:*:*:*:*:*:*:*
cpe:2.3:a:ibm:san_volume_controller_software:7.2.0.2:*:*:*:*:*:*:*
cpe:2.3:a:ibm:san_volume_controller_software:6.1.0.7:*:*:*:*:*:*:*
Information

Published : 2014-09-11 18:55

Updated : 2017-08-28 18:35

NVD link : CVE-2014-4811

Mitre link : CVE-2014-4811

JSON object : View

CWE
CWE-255

Credentials Management Errors

Advertisement

dedicated server usa
Products Affected

ibm

  • storwize_v3700
  • storwize_v5000
  • storwize_v7000
  • storwize_v3500
  • san_volume_controller_software