Remote CLI Access Vulnerability in IBM SAN Volume Controller and Storwize Products
CVE-2014-0880

Currently unrated

Key Information:

Vendor: IBM
Status: Storwize V7000 Software; Storwize V7000
Vendor: CVE Published:; 29 March 2014

Summary

This vulnerability allows remote attackers to gain unauthorized CLI access to the IBM SAN Volume Controller and various Storwize models, which can result in potential denial of service. The issue affects software versions 6.3, 6.4 prior to 6.4.1.8, and 7.1 and 7.2 before 7.2.0.3. Attackers can exploit this flaw by targeting the administrative IP address of the affected systems.

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/91145

vdb-entryx_refsource_XF

http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004570

x_refsource_CONFIRM

Timeline

Vulnerability published
Mar 29, 2014
Vulnerability Reserved
Jan 6, 2014