CVE-2014-0875

Currently unrated

Key Information:

Vendor: IBM
Status: Storwize Unified V7000 Software; Storwize Unified V7000
Vendor: CVE Published:; 7 July 2014

Summary

Active Cloud Engine (ACE) in IBM Storwize V7000 Unified 1.3.0.0 through 1.4.3.x allows remote attackers to bypass intended ACL restrictions in opportunistic circumstances by leveraging incorrect ACL synchronization over an unreliable NFS connection that requires retransmissions.

References

http://www.securityfocus.com/bid/68398

vdb-entryx_refsource_BID

http://www.ibm.com/support/docview.wss?uid=ssg1S1004738

x_refsource_CONFIRM

Timeline

Vulnerability published
Jul 7, 2014
Vulnerability Reserved
Jan 6, 2014