X.509 Certificate Trust Issue in IBM XIV Storage System Gen3
CVE-2012-4829

Currently unrated

Key Information:

Vendor: IBM
Status: Xiv Storage System Gen3
Vendor: CVE Published:; 16 April 2013

Summary

The IBM XIV Storage System Gen3 prior to version 11.2 is susceptible to a vulnerability where it relies on a default X.509 v3 certificate for authentication. This flaw potentially allows man-in-the-middle attackers to impersonate servers. Attackers can exploit this weakness through an inadequate trust relationship in the certificate validation process, making it crucial for users to implement appropriate security measures to protect their systems against unauthorized access and maintain the integrity of their data.

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/78860

vdb-entryx_refsource_XF

http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004323

x_refsource_CONFIRM

Timeline

Vulnerability published
Apr 16, 2013
Vulnerability Reserved
Sep 6, 2012